azure active directory – Why does my AzureAD next-auth provider generate an access token that is encrypted?
I am using next-auth with AzureAD as a provider. This is a snippet of my authOptions:
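import type { NextAuthOptions } from "next-auth";
import AzureADProvider from "next-auth/providers/azure-ad";

export const authOptions: NextAuthOptions = {
  providers: [
    AzureADProvider({
      // Next.js inlines NEXT_PUBLIC_* variables into the browser bundle
      // when client-side code references them.
      clientId: process.env.NEXT_PUBLIC_AZURE_AD_CLIENT_ID ?? "",
      clientSecret: process.env.NEXT_PUBLIC_AZURE_AD_CLIENT_SECRET ?? "",
      tenantId: process.env.NEXT_PUBLIC_AZURE_AD_TENANT_ID ?? "",
    }),
  ],
  pages: {
    signIn: '/auth/signin',
  },
  callbacks: {
    // Runs when the next-auth session token is created or updated
    async jwt({ token, account }) {
      if (account) {
        // Store the token received from Azure AD
        token.accessToken = account.access_token;
      }
      return token;
    },
    // Copies the stored access token onto the session object
    async session({ session, token }) {
      session.accessToken = token.accessToken;
      return session;
    },
  },
};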
And even though I set my "tokenEncryptionKeyId": null, the generated token I find in my cookies is a JWE, not a JWT, and I don't have any key to decrypt it. Any leads?
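Added example, not part of the original post and not next-auth's own code: with next-auth v4's default JWT session strategy, the session cookie is next-auth's own token, a compact JWE (`alg: dir`, `enc: A256GCM`) encrypted with a key derived from `NEXTAUTH_SECRET`, and the Azure AD access token is carried inside it as a claim. The sketch uses only Node's `crypto`; the HKDF info string is an assumption based on next-auth v4, and the secret and claims are constructed sample values.

```javascript
// Added example: inspect and decrypt a next-auth-style session JWE.
const crypto = require("node:crypto");

const b64u = (buf) => Buffer.from(buf).toString("base64url");

// Assumption: next-auth v4 default key derivation (HKDF-SHA256, empty salt).
function deriveKey(secret) {
  return Buffer.from(crypto.hkdfSync("sha256", secret, "",
    "NextAuth.js Generated Encryption Key", 32));
}

// Classify a compact token by segment count and decode its protected header.
function inspect(token) {
  const parts = token.split(".");
  const header = JSON.parse(Buffer.from(parts[0], "base64url").toString());
  const kind = parts.length === 5 ? "JWE" : parts.length === 3 ? "JWS" : "unknown";
  return { kind, header };
}

// Build a dir + A256GCM compact JWE, the shape of the session cookie.
function encryptSession(claims, secret) {
  const header = b64u(JSON.stringify({ alg: "dir", enc: "A256GCM" }));
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveKey(secret), iv);
  cipher.setAAD(Buffer.from(header, "ascii")); // AAD is the encoded header
  const ct = Buffer.concat([cipher.update(JSON.stringify(claims)), cipher.final()]);
  // The second segment (encrypted key) is empty for alg "dir".
  return [header, "", b64u(iv), b64u(ct), b64u(cipher.getAuthTag())].join(".");
}

// Decrypt server-side with the same secret; throws if the tag does not verify.
function decryptSession(token, secret) {
  const [header, , iv, ct, tag] = token.split(".");
  const d = crypto.createDecipheriv("aes-256-gcm", deriveKey(secret),
    Buffer.from(iv, "base64url"));
  d.setAAD(Buffer.from(header, "ascii"));
  d.setAuthTag(Buffer.from(tag, "base64url"));
  const pt = Buffer.concat([d.update(Buffer.from(ct, "base64url")), d.final()]);
  return JSON.parse(pt.toString());
}

const SECRET = "constructed-nextauth-secret"; // stand-in for NEXTAUTH_SECRET
const cookie = encryptSession({ accessToken: "constructed-azure-token" }, SECRET);
console.log(inspect(cookie));
console.log(decryptSession(cookie, SECRET));
```

On the server, `getToken` from `next-auth/jwt` performs this decryption with the configured secret, so the access token can be read there without handling the cookie by hand.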