Reputation: 25
Using MSAL for Azure AD-B2C in AspNetCore?
Here is my problem, I create a brand new AspNetCore WebApplication in VS2017 RC.
Since I want to use Azure AD B2C to authenticate, I add the required NuGet packages:
Microsoft.AspNetCore.Authentication.Cookies
Microsoft.AspNetCore.Authentication.OpenIdConnect
I then add all the code to configure authentication. In fact, I reproduced the app demoed in this Channel9 video: https://channel9.msdn.com/events/Ignite/Australia-2017/CLD336a
It works fine and I can authenticate as expected. Now I want to get an access_token in order to access my WebApi also secured using AAD-B2C. For this, I need to change the ResponseType to
ResponseType = OpenIdConnectResponseType.CodeIdToken
and handle the OnAuthorizationCodeReceived event. In order to do that, my understanding is that I have to add the Nuget Package Microsoft.IdentityModel.Clients.ActiveDirectory. But this library will not target the v2.0 endpoint that I need for AAD-B2C.
So I saw in another GitHub solution (https://github.com/dzimchuk/azure-ad-b2c-asp-net-core) that i could use the Microsoft.Experimental.IdentityModel.Clients.ActiveDirectory package.
Unfortunately, this package is not compatible with NETCoreApp,Version=v1.0 and I get this error message when trying to add it to my project:
One or more packages are incompatible with .NETCoreApp,Version=v1.0 (win-x64).
Package Microsoft.Experimental.IdentityModel.Clients.ActiveDirectory 4.0.209160138-alpha is not compatible with netcoreapp1.0 (.NETCoreApp,Version=v1.0) / win-x86. Package Microsoft.Experimental.IdentityModel.Clients.ActiveDirectory 4.0.209160138-alpha
What am I missing?
Upvotes: 1
Views: 486
Answers (1)
Reputation: 3237
Azure AD B2C does not currently support access tokens to a resource other than "self". To get an access token for self, you just need to put your client/app id as the scope. You can post on User Voice to recommend this feature and check in on other user recommended features (this has been requested before).
In terms of your library confusion, you definitely want to stick with MSAL. The ADAL experimental branch is not recommended and not actively being developed.
Upvotes: 1
Related Questions
- Using azure AD B2C for blazor web api authentication
- How do you authenticate AAD B2C using MSAL?
- Can the MSAL API be used with B2C only - or B2B application too?
- use msal to connect to Azure B2C - state parameter
- AspNet Core 2.1 Website Azure AD B2C Example
- How to invoke azure b2c signup using MSAL in a SPA
- .Net Core and Azure AD B2C Setup
- Using MSAL with Azure AD B2C to login with Google
- Using Azure AD B2C and MSAL to authenticate a windows service
- MSAL or ADAL library for use with Azure AD B2C and Xamarin