azure-ad-b2c

问题 I am using the standard OIDC .NET library to make a challenge request to ADB2C. From my understanding, this automagically attempts the sign in with the refresh token in cache and gains an authorization without re-asking for credentials. This seems to work absolutely fine, except on 1 browser - Chrome on Android. No matter what I try, this browser seems to to lose the refresh token, so after around 1 hr, it starts asking for credentials again. I have cross checked this on Chrome web/mac, edge,

问题 I am using the standard OIDC .NET library to make a challenge request to ADB2C. From my understanding, this automagically attempts the sign in with the refresh token in cache and gains an authorization without re-asking for credentials. This seems to work absolutely fine, except on 1 browser - Chrome on Android. No matter what I try, this browser seems to to lose the refresh token, so after around 1 hr, it starts asking for credentials again. I have cross checked this on Chrome web/mac, edge,

问题 I have an Anuglar5 spa frontend and ASP.NET Core API. Both secured by Azure AD B2C service. The angular application redirects correctly to the login page and signing in returns a token. When I try to call the API with the token I get; AuthenticationFailed: IDX10214: Audience validation failed. Audiences: '627684f5-5011-475a-9cbd-55fcdcdf369e'. Did not match: validationParameters.ValidAudience: 'ee8b98a0-ae7a-38b2-9e73-d175df22ef4c' or validationParameters.ValidAudiences: 'null'. "627684f5

问题 I want to trigger a function when a user registers in my azure AD B2C. But I can't find any examples on this. Is the user added to any queue or stored in any table? Or do I need to look at the respons back when the user clicks the "register" button in my app? I followed this guide to create my B2C. What I want is to eg. send a welcome mail. 回答1: Azure AD B2C does not have any support for custom emails events or custom triggers through its built-in policies. However, you can use Azure AD B2C

问题 This is basically a follow up to my prev question - https://stackoverflow.com/a/44738654/2896495. I've implemented an Azure B2C sign up and auth in my web app (.NET Core 2.0) and now I want to add a custom sign up logic with Graph API (as described here - https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet). But I'm confused about app registrations. For B2C auth I created an app in the Portal under Azure AD B2C -> Applications. Now, in

问题 As the microsoft iffical said, The UWP can't use system web with aad b2c, has to use Embedded Webviews. But when I use MSAL.net, it offen mis-render the page, as the image below(in some times , the page maybe right render). And I can run the user flow and right render with my system chrome web browser . The uwp Embedded Webviews is in old edge core(maybe this is the reason?). what can I do? does Microsoft can solve the matter？ 回答1: B2C is supported in UWP. Please upgrade the application to

问题 I am using Azure B2C, followed by the article https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet User is added successfully. But the issue is how to check the user exist or not with a user name, when I creating a new user? 回答1: You can find users by their email address or their user name using the signInNames filter. For an email address: `GET https://graph.windows.net/myorganization/users?$filter=signInNames/any(x:x/value eq 'someone

问题 I'm using Azure AD B2C for authentication for my NodeJS API. However, I keep receiving a 401 Unauthorized error by Azure AD B2C. When I add ignoreExpiration: true to my AAD auth options, I do not get a 401 Unauthorized error and my API works fine. However, once I remove the ignoreExpiration, I get the 401 Unauthorized error. I even generated a new token, verified that it is valid (and not expired) by decoding the token using https://jwt.io/. I even made sure it has the correct scope. The API

问题 I'm using this code to authenticate and to get access token using azure adb2c. And i'm using 'react-azure-adb2c' msal library. i tried using (https://login.microsoftonline.com/tfp/) instance value as well. import b2cauth from 'react-azure-adb2c'; b2cauth.initialize({ instance: 'https://MyPortaldemo.b2clogin.com/tfp/', tenant: '4f7d3971-9a3b-4a58-9342-ab0ffc4b842a', signInPolicy: 'B2C_1_signupsigninmydemoapp', applicationId: 'ad8597bc-484b-495e-b968-ce91b60c4947', cacheLocation:

问题 I've followed the instructions here to set up the Azure AD multi-tenant custom policy in the Identity Experience Framework: https://docs.microsoft.com/en-gb/azure/active-directory-b2c/active-directory-b2c-setup-commonaad-custom?tabs=applications However I'm unable to get a claim back containing the email address (corresponding to the "user name" from the external active directory). The main single-tenant active directory setup works fine, when I use this claim mapping (and the other "social"