I’m attempting to call a web api that I have created in dotnet core 5 from my Angular application. I’ve followed the quickstarts, Call an API, and ASP.NET Core Web API.
When I setup my Angular app to call the users API in the quickstart it comes up with a prompt for consent ok. However, when I change over all the settings to call my own web api, I don’t get a prompt for consent, I just get a Consent Required error.
I am developing both locally, so the angular app url is localhost:4200 and my web api is localhost:44310.
Any guidance on how to grant consent, or get the prompt would be much appreciated.
Welcome to the Auth0 Community!
First, could you please clarify if you used the
consent=prompt parameter in your request?
If not, I recommend passing the
consent=prompt parameter in your
Once this is complete, the consent prompt will be displayed during login.
Please let me know if there’s anything else I can do to help.
Thanks for getting back to me. I’ve checked the network traffic to get the URL that is called and it does NOT have the
How do I get this parameter added to the URL? My setup is based off the quickstart example, so I am not setting the URL myself anywhere in code. Is there something that should be set in the app module where I am importing the AuthModule?
My setup in the app module currently looks like this:
// Request this audience at user authentication time
// Request this scope at user authentication time
// Specify configuration for the interceptor
// Match any request that starts ‘https://YOUR_DOMAIN/api/v2/’ (note the asterisk)
// The attached token should target this audience
// The attached token should have these scopes
Looking for any further updates on this.
Thank you for your responses.
I have just gone ahead and tested this myself with the Angular Quickstart you shared in your initial post. After testing, I could successfully get the consent prompt when calling my API.
In this case, you can specify the
scope parameters in your
AuthModule.forRoot, which should be adequate to prompt consent from the user.
It may also be the case where the user has previously provided consent and no longer asked, so you may need to revoke their authorization or increase authorization to ask the user for consent again.
See this doc:
Please let me know how this goes for you.
I have figured out the issue. I had updated the uri and audience in the httpInterceptor section, but not the audience below the client id. Once I updated it, then it worked ok.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.