问题
I need to be able to get an identity/access token to a backend API for a native client, where the native client must use native UI to collect username and password.
I want to use Azure AD B2C but I cannot get clear, explicit info if the Resource Owner Password Grant flow is supported. Is it possible to get a token from Azure AD B2C by programmatically posting username and password somewhere?
回答1:
Azure AD B2C does not support the "Resource Owner" password grant yet.
You can support this feature ask and get updates on its progress by voting for it in the Azure AD B2C feedback forum: Add support for Resource Owner Password Credentials flow in Azure AD B2C.
回答2:
Is it possible to get a token from Azure AD B2C by programmatically posting username and password somewhere?
You can use the Azure AD Client Credential Flow to obtain a token. See this SO Post.
ROPC might be the right OAuth Flow for you, but before you start using it, you might want to check out this blog post: Why the Resource Owner Password Credentials Grant Type is not Authentication nor Suitable for Modern Applications.
来源:https://stackoverflow.com/questions/44997177/can-i-use-resource-owner-password-grant-flow-with-azure-ad-b2c