Reputation: 1353
I tried to follow the OAuth implicit flow as mentioned in this doc and it works fine.
But when i changed the response_type to 'token', azure ad redirects back to https://example.com/#access_token=ey...
instead of https://example.com/?access_token=ey...
Difference is the #
instead of ?
. This is a problem as we are not able to fetch the parameter using
Request.Params.Get("access_token"); //this always null
How to fetch the access token from the url?
Upvotes: 1
Views: 281
Reputation: 26324
It's a trap!
You can't do it in the backend.
That's the whole point of it being a fragment rather than a parameter - only the user agent can extract it. Use adal.js
or manually extract it in JavaScript and place in local/session storage.
Follow the samples in azure-activedirectory-library-for-js and look at this method.
Upvotes: 2