Issue Mitigated: Azure AD B2C’s JWT tokens don’t have the ‘kid’ value pair in headers – 8/8/2016

Issue mitigated: Monday, 8th Aug 2016 9:08 PM PST

The issue was mitigated.  Operations should be back to normal.

The “kid” header for the previous valid key now appearing in new JWT tokens



Interim updateMonday, 8th Aug 2016 6:30 PM PST

We are actively working on this issue and will provide another update in an hour's time.

- Swaroop

Initial update: Monday, 8th Aug 2016 5:30 PM PST

We are actively investigating an issue with Azure AD B2C. The JWT tokens issued by the service don't have the 'kid' value pair in the headers. Some customers may experience errors while attempting to validate the signatures of tokens issued by Azure AD B2c.

  • Workaround: None
  • Next update: Before 6:30 PM PST

We are working to resolve this issue ASAP and apologize for the inconvenience.

- Swaroop


Comments (1)
  1. The issue has been mitigated at 9:08PM PST by rolling back the new token signing key that went active today. We are investigating the root cause and delay in mitigating this incident to prevent this from re-occurring in the future.

Comments are closed.

Skip to main content