Reputation: 311
Acquire AAD B2C access token in webtest
I have a REST API that is secured by AAD B2C access tokens. I now want to add webtests that can be used in load testing the API.
I am stumbling to acquire a valid access token for my test users from AAD B2C. I'm thinking to somehow get a token as a response from a REST API call to AAD B2C.
Looking in that direction on the net I have found a number of pages that point me to this rather undocumented endpoint
https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/oauth2/v2.0/token?p={policy}
where I need to provide a number of parameters. So far I found
- client_id
- client_secret
- scope
- grant_type
When I now add
- grant_type=password
- username
- password
I thought when POSTing to that I would get a token from AAD - but I rather get a service side exception
{
"error": "server_error",
"error_description": "AADB2C: An exception has occurred.\r\nCorrelation ID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\r\nTimestamp: 2018-11-07 16:27:10Z\r\n"
}
Questions
- Is the approach correct?
- Is there a better way to acquire an access token for a webtest?
- Is the POST request malformed in any way?
Upvotes: 0
Views: 683
Answers (1)
Reputation: 14724
You can create a resource owner policy that enables an access token to be acquired by the web test from the token endpoint using the password grant.
Upvotes: 1
Related Questions
- Confused on how to get access tokens from B2C in Blazor App
- Get access token in web site integrated with Azure AD B2C
- Request Access Token in Postman for Azure AD B2C
- Azure ADB2C request token for service
- Access Tokens - Generating Authorization Code
- AAD B2C authorized Web Api test with Postman fails
- Using modern Azure AD B2C Library to get an access token for API pass through
- How to get access token for integration test with external api
- Azure AD B2C get token programatically for unit testing
- Automated endpoint testing protected by Azure AD B2C