azure-ad-b2c

问题 I'm trying to set up AD B2C and am following along with various tutorials I've found online. I'm at the point where I'm testing user flows. I can successfully login, but when I'm redirected to https://jwt.ms , it shows me nothing: However, I noticed that my URL differs from that shown in tutorials. It has a code instead of id_token : https://jwt.ms/?code=eyJraW... I've been trying to figure out what is causing B2C to redirect with a code rather than ID token, but have been unsuccessful. Can

问题 I am confused about how Azure B2C works when SPA is talking to backend APIs. We have a VUE app that retrieves data from ASPNet core Web APIs. I connected the VUE with APP on Azure B2C and I can login and retrieve access token, but. How does authentication/authorization between SPA and APIs work? TIA 回答1: Azure B2C uses OATH 2 / OpenID Connect as the main way to secure single page apps and API's. OATH 2 uses Json Web Tokens (stateless cryptographically signed tokens) to provide authentication

问题 Originally I deleted an Azure AD B2C directory, which according to the MSDN guide included removing the b2c-extensions-app. When I thereafter created a new Azure AD B2C directory with the same name, the b2c-extensions-app was not created automatically. Following this, I tried to create a new Azure AD B2C directory with a different name, which also missed the b2c-extensions-app. How come both of them misses the b2c-extensions-app? And what can be done to fix this? EDIT: To answer the second

问题 I am developing ASP.NET Core application which utilizes Azure AD B2C for user management. I would like to have sign in /up form being localized to multiple languages. I have added new languages for policies in Azure AD B2C management dashboard in Azure portal. Now I would like to set ui-locales parameter (as described on this documentation page) when calling out to Azure AD B2C from my application. This is a piece which I am not able to achieve as I am not sure where I can inject this

问题 I am using Spring Boot 2.2.0 with azure-active-directory-b2c-spring-boot-starter 2.2.0. I managed to secure a Thymeleaf web page with that (following their tutorial). Now, I want to have a REST API that is secured in the same way, as the actual application will be a mobile app that does REST calls to my Spring Boot backend. I already figured out how to get a token with the password grant flow using: POST https://<my-tenant-id>.b2clogin.com/<my-tenant-id.onmicrosoft.com/oauth2/v2.0/token?p=B2C

问题 I am developing ASP.NET Core application which utilizes Azure AD B2C for user management. I would like to have sign in /up form being localized to multiple languages. I have added new languages for policies in Azure AD B2C management dashboard in Azure portal. Now I would like to set ui-locales parameter (as described on this documentation page) when calling out to Azure AD B2C from my application. This is a piece which I am not able to achieve as I am not sure where I can inject this

问题 I need to add custom claims to my Azure B2C users, so I figured the way to do this is to add schema extensions to the User for my directory App with Graph API (beta). I wrote a simple test for that: SchemaExtension schemaExtension = new SchemaExtension { Id = schemaName, Owner = _appClientId.ToString(), Description = string.IsNullOrWhiteSpace(schemaDesc) ? string.Empty : schemaDesc.Trim(), TargetTypes = new List<string> { "User" }, Properties = new List<ExtensionSchemaProperty> { new

问题 I am trying to retrieve the Azure AD B2C users sign-in audit logs, but its throw below error var signIns = await _graphClient.AuditLogs.SignIns .Request() .GetAsync(); fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1] An unhandled exception has occurred while executing the request. Status Code: Forbidden Microsoft.Graph.ServiceException: Code: Authentication_RequestFromNonPremiumTenantOrB2CTenant Message: Neither tenant is B2C or tenant doesn't have premium license

问题 I am trying to retrieve the Azure AD B2C users sign-in audit logs, but its throw below error var signIns = await _graphClient.AuditLogs.SignIns .Request() .GetAsync(); fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1] An unhandled exception has occurred while executing the request. Status Code: Forbidden Microsoft.Graph.ServiceException: Code: Authentication_RequestFromNonPremiumTenantOrB2CTenant Message: Neither tenant is B2C or tenant doesn't have premium license

问题 I am trying to update the identities collection for an existing User in an Azure AD B2C tenant. Specifically, I am attempting to add another federated identity entry for the user. According to the Microsoft Graph documentation this should be possible provided that I: Assign User.ManageIdentities.All permission to the client I am using to make the graph call Send the entire existing identities collection, with the new identity entry appended (this also ensures that the existing identity with