Aspirant

Reputation: 1954

Azure B2C: REST call with external IDP

After configuring an external IDP in a user journey, a subsequent REST call has to be made by sending an identifier to the REST endpoint. Upon receiving the response from the REST API, an attribute from the response has to be populated in the ID token that has to be sent back to the caller.

The custom policy looks like this:

<ClaimsProvider>
    <Domain>live.com</Domain>
    <DisplayName>Microsoft Account</DisplayName>
    <TechnicalProfiles>
        <TechnicalProfile Id="MSA-OIDC">
            <DisplayName>Microsoft Account</DisplayName>
            <Protocol Name="OpenIdConnect"/>
            <Metadata>
                <Item Key="ProviderName">https://login.live.com</Item>
                <Item Key="METADATA">https://login.live.com/.well-known/openid-configuration</Item>
                <Item Key="response_types">code</Item>
                <Item Key="response_mode">form_post</Item>
                <Item Key="scope">openid profile email</Item>
                <Item Key="HttpBinding">POST</Item>
                <Item Key="UsePolicyInRedirectUri">0</Item>
                <Item Key="client_id">xxxxxxxxxx</Item>
            </Metadata>
            <CryptographicKeys>
                <Key Id="client_secret" StorageReferenceId="B2C_1A_MSASecret"/>
            </CryptographicKeys>
        </TechnicalProfile>
    </TechnicalProfiles>
</ClaimsProvider>

The REST call is like this:

curl --location --request GET 'https://swapi.dev/api/films/1/'

What I am looking for is a way to integrate the REST call with the user journey. Appreciate the responses.

Upvotes: 0

Views: 271

Answers (1)

Chris Padgett

Reputation: 14674

This Azure AD B2C sample demonstrates how to log in to an external identity provider and then invoke a REST API.

An example of your user journey might be:

<UserJourney Id="SignUpOrSignIn">
  <OrchestrationSteps>
    <OrchestrationStep Order="1" Type="ClaimsExchange">
      <ClaimsExchanges>
        <ClaimsExchange Id="MSA-OIDC" TechnicalProfileReferenceId="MSA-OIDC"/>
      </ClaimsExchanges>
    </OrchestrationStep>
    <OrchestrationStep Order="2" Type="ClaimsExchange">
      <ClaimsExchanges>
        <ClaimsExchange Id="REST-GetFilm" TechnicalProfileReferenceId="REST-GetFilm"/>
      </ClaimsExchanges>
    </OrchestrationStep>
    <OrchestrationStep Order="3" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer"/>
  </OrchestrationSteps>
</UserJourney>

Upvotes: 1
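The user journey above references a `REST-GetFilm` technical profile that neither post defines. As an added example (not code from the question or the answer), here is one way to write it against the `swapi.dev` endpoint from the question, together with the relying-party output claim that puts the API value into the ID token. The claim names `filmId` and `filmTitle` are assumptions, as is the `DefaultValue` of `1` taken from the curl URL.

```xml
<!-- Assumed claim types; add them to the policy's ClaimsSchema -->
<ClaimsSchema>
  <ClaimType Id="filmId"><DataType>string</DataType></ClaimType>
  <ClaimType Id="filmTitle"><DataType>string</DataType></ClaimType>
</ClaimsSchema>

<ClaimsProvider>
  <DisplayName>REST APIs</DisplayName>
  <TechnicalProfiles>
    <TechnicalProfile Id="REST-GetFilm">
      <DisplayName>Look up film by identifier</DisplayName>
      <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      <Metadata>
        <!-- SendClaimsIn=Url substitutes {filmId} in ServiceUrl with the input claim value, matching the GET in the question -->
        <Item Key="ServiceUrl">https://swapi.dev/api/films/{filmId}/</Item>
        <Item Key="SendClaimsIn">Url</Item>
        <Item Key="HttpBinding">GET</Item>
        <!-- The sample API is unauthenticated, so None is used here; a real API should use Bearer or ClientCertificate.
             B2C rejects AuthenticationType None in a Production policy unless AllowInsecureAuthInProduction is true. -->
        <Item Key="AuthenticationType">None</Item>
        <Item Key="AllowInsecureAuthInProduction">true</Item>
        <!-- Shown to the user instead of the raw error if the API call fails -->
        <Item Key="DefaultUserMessageIfRequestFailed">The film lookup failed. Please try again.</Item>
      </Metadata>
      <InputClaims>
        <!-- Assumed: the identifier to send lives in a claim named filmId; DefaultValue applies if no earlier step set it -->
        <InputClaim ClaimTypeReferenceId="filmId" DefaultValue="1" />
      </InputClaims>
      <OutputClaims>
        <!-- PartnerClaimType is the JSON property name in the API response body -->
        <OutputClaim ClaimTypeReferenceId="filmTitle" PartnerClaimType="title" />
      </OutputClaims>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>

<!-- In the relying-party file: emit the claim in the ID token issued by JwtIssuer at step 3 -->
<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="filmTitle" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="sub" />
  </TechnicalProfile>
</RelyingParty>
```

The API response is only trusted as far as its JSON property name: anything the endpoint returns under `title` is copied into the token, so the endpoint should be authenticated and the returned claim treated as a value from that API, not as user identity.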
