azure-ad-b2c

Azure AD B2C - Token validation does not work

不羁的心 submitted on 2019-11-29 05:18:41
I would like to use Azure AD B2C but have several difficulties using it. One problem I have is to validate the signature of the token. First I wanted to validate the token "manually" using jwt.io. According to the Microsoft Docs, validating the signature should work like this: Your app can use the kid claim in the JWT header to select the public key in the JSON document that is used to sign a particular token. It can then perform signature validation by using the correct public key and the indicated algorithm. My understanding: Grab the kid value out of the header, lookup the key in the

Request Access Token in Postman for Azure AD B2C

帅比萌擦擦* submitted on 2019-11-29 02:17:57
How can I request an Access Token in Postman against an Azure AD B2C tenant? I tried taking the url from Run Now in the Azure portal and putting that in the Auth Url but that produces the following error: Update Following Chris's answer, I'm now past the above error. I'm able to sign-in but still can't get an access token: AADB2C90085: The service has encountered an internal error. Please reauthenticate and try again. Correlation ID: 45c56d47-4739-465f-8e02-49ba5b3a1b86 Timestamp: 2017-11-16 15:27:52Z Using @Chris Padgett's answer , I was able to get it working using the Implicit Grant Type

Multi-tenant Azure AD in Azure AD B2C

你。 submitted on 2019-11-29 00:22:44
I was following the answer here: Multi-Tenant Azure AD Auth in Azure AD B2C with Custom Policies And the walkthrough here: https://github.com/Azure-Samples/active-directory-b2c-advanced-policies/blob/0129fc013ae5e66a3ee0046a5d0db2e8120d8f8e/Walkthroughs/IdP-AzureAD.md But I wasn't able to login, the error message is something along the line: AADB2C: An exception has occured. Correlation ID: <GUID>. Timestamp: <Time> Furthermore, when viewing the walkthrough in latest master, the whole page has been removed and now only contains the link to https://docs.microsoft.com/en-us/azure/active

Change default picture - registration flow - AZURE - ADB2C

我怕爱的太早我们不能终老 submitted on 2019-11-28 14:25:59
In the ADB2C user registration flow you have a picture on the left & the form on the right. Is there an easy way to change the picture on the left? I don't want to redesign the whole page. Full customization which includes your own HTML/CSS is available for all the Azure AD B2C user flows including the "sign-up or sign-in policies" which offers a combined - registration and login - policy. The "sign-in" policy type is the only one that offers the ability to customize via the "company branding" feature which needs only a picture upload. All other flows require upload of HTML/CSS content. A

Can I disable sign-up in Azure AD B2C?

拜拜、爱过 submitted on 2019-11-28 12:25:27
Can I disable sign-up in Azure AD B2C? In other words, I don't want customers to sign up accounts by themselves, I want it to be done only by admin in Azure. Thanks. Built-in Policies Yes, only define a Sign-in policy. Do not define a Sign-up or Sign-in policy nor a Sign-up policy. Custom Policies The problem with a sign-in only policy is you only have basic UI customization options. You do not get the full set of features as described here. With custom policies, you can define a Sign-Up/Sign-In policy and then disable the Sign-Up portion. This allows for the same level of UI customization

Azure Portal: Bad Request - Request Too Long

纵饮孤独 submitted on 2019-11-28 09:07:01
I just received the following error when I tried to run a built-in b2c edit policy from portal.azure.com . I have 2 tabs of the portal open. Why am I receiving this error? Bad Request - Request Too Long HTTP Error 400. The size of the request headers is too long. Note: I experienced this same error message when testing active-directory-b2c-dotnet-webapp-and-webapi sample project . The reason provided was I was sending too many cookies. Is it the same problem? If it is the same problem, shouldn't stale cookies be deleted before creating new ones? I do see a lot of cookies for https://login

Local account created in AzureAD B2C with “forceChangePasswordNextLogin” cannot login anymore after initial password change

你离开我真会死。 submitted on 2019-11-28 09:05:47
Question: I have a WebAPI creating local account in an AzureAD B2C tenant through the AzureAD Graph API. When users are created, they receive an invitation email with a temporary password. User is created in the Graph API with a password profile to force them to change their temporary password on first login. user.PasswordProfile = new PasswordProfile(); user.PasswordProfile.Password = GetTemporaryPassword(); user.PasswordProfile.ForceChangePasswordNextLogin = true; When the user login for the first

Azure AD B2C - Use Graph API to populate “Authentication Email”

不羁的心 submitted on 2019-11-28 08:26:57
Question: Is there a way we can populate the “Email” field for the user via Graph API in Azure AD B2C. There is a section “Authentication contact info” under the user profile, which has a field “Email” which is a read-only field when accessed via Graph API and cannot be populated programmatically. I am able to use Graph API to populate the “Alternate email”. However for the reset password policy (user clicks the forgot password link), the “Email” field is a required field I am unable to use the

Azure AD B2C Token Issue

谁都会走 submitted on 2019-11-28 05:41:03
Question: As an enterprise, we would like to use Azure AD B2C and we have internal and external users. Azure AD helps us manage our Azure users, corporate users and we can even add users with x@.onmicrosoft.com emails. When we wanted to use Azure AD B2C for our consumers. So we have 2 choices to add our users which is a local user and an external user (Facebook, Google, etc) If the local user belongs to our corporate it is ok to create the user using the Azure AD B2C portal. But when we try to create

Getting Azure B2C SignUpSignIn Application Claims using MSAL in Xamarin.Forms

雨燕双飞 submitted on 2019-11-28 05:30:20
Question: I'm creating a Xamarin.Forms app using Azure B2C and MSAL ( Microsoft.Identity.Client NuGet package) to authenticate users. When the app opens, I attempt to authenticate them in the background using the following code: AuthenticationResult ar; ar = await App.AuthenticationClient.AcquireTokenSilentAsync(Scopes, userIdentifier, Authority, SignUpSignInpolicy, false); If that fails, the app switches and authenticates them with the standard AquireTokenAsync() method. AuthenticationResult ar; ar =