Pass access token of a third party IDP to the application via Azure AD B2C

Submitted by 拈花ヽ惹草 on 2020-12-07 10:02:17

Question


I’m working on an application which can read files of a given OneDrive account.

We use Azure AD B2C as the identity provider. Also, users can log in to the application using their Microsoft account. For that I have enabled Microsoft as an Identity Provider in my AAD B2C tenant.

When a given user logs in using their Microsoft account, the application should be able to get an access_token which enables us to communicate with the MS Graph API, in order to fetch file details.

However, according to this article, this is supported only for Facebook and Google.

Azure AD B2C currently only supports passing the access token of OAuth 2.0 identity providers, which include Facebook and Google. For all other identity providers, the claim is returned blank.

Any suggestions to get this to work in my use case?


Answer 1:


You might have to create a custom policy that is enabled for sign-in with Microsoft.

Then, you can pass through the access token from the Microsoft Account identity provider to the end-user application, using the {oauth2:access_token} claims resolver.
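
The policy changes the answer refers to, as an added example that is not part of the original answer: three fragments that declare a claim, fill it from the {oauth2:access_token} claims resolver, and emit it to the application. The claim name identityProviderAccessToken, the technical profile Id MSA-OIDC, the journey name SignUpOrSignIn and the output name idp_access_token are assumptions; use the names in your own policy files.

```xml
<!-- Added illustration: merge each fragment into the matching section of your own policy. -->

<!-- 1. Extensions file, inside <BuildingBlocks><ClaimsSchema>:
        declare a claim that will hold the identity provider's token. -->
<ClaimType Id="identityProviderAccessToken">
  <DisplayName>Identity Provider Access Token</DisplayName>
  <DataType>string</DataType>
  <AdminHelpText>Access token issued by the federated identity provider.</AdminHelpText>
</ClaimType>

<!-- 2. Extensions file, inside the Microsoft Account <ClaimsProvider>:
        add the OutputClaim to the existing sign-in technical profile.
        "MSA-OIDC" is an assumed Id; the profile's Metadata, CryptographicKeys
        and other OutputClaims stay as they are. -->
<TechnicalProfile Id="MSA-OIDC">
  <OutputClaims>
    <!-- The claims resolver copies the token returned by the IdP into the claim. -->
    <OutputClaim ClaimTypeReferenceId="identityProviderAccessToken"
                 PartnerClaimType="{oauth2:access_token}" />
  </OutputClaims>
</TechnicalProfile>

<!-- 3. Relying party file: emit the claim in the token sent to the application. -->
<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <!-- Existing output claims stay; this one surfaces the IdP token. -->
      <OutputClaim ClaimTypeReferenceId="identityProviderAccessToken"
                   PartnerClaimType="idp_access_token" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="sub" />
  </TechnicalProfile>
</RelyingParty>
```

The passed-through token carries only the scopes requested in that technical profile's scope metadata item. It is delivered inside the B2C-issued token, so anything that stores or logs that token now holds a credential for the user's Microsoft account.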



Source: https://stackoverflow.com/questions/63499210/pass-access-token-of-a-third-party-idp-to-the-application-via-azure-ad-b2c
