Azure AD - Sign Up without B2C
I've been messing around with MSAL, having previously used ADAL for sign up & secure API calls within AAD.
I have a user case now requiring sign up and sign in, but bafflingly MSAL - even though there's a method for returning user name - is incapable currently of returning you anything about the user from the B2C token.
The workaround seems horribly contrived, so I'm considering abandoning MSAL and going back to ADAL or other, providing the Sign Up or Sign In is also available.
Can anyone recommend me a library or method of achieving Sign Up directly into AAD using ADAL or other, please?
azure-active-directory adal msal
asked Nov 7 at 12:36
Journeyman1234
2 Answers
> is incapable currently of returning you anything about the user from the B2C token

ADAL supports the v1 endpoint. B2C uses the v2 endpoint, and MSAL is designed to support v2, so you could not use ADAL for the B2C Sign Up. If you want to get user information in the token, I suggest you use OpenID Connect. In OpenID Connect, the id_token includes the user information.
You could use jwt.io to parse the id_token, and you could find the username in the id_token:
For the details about OpenID Connect in B2C, please read here.
edited Nov 8 at 5:15
answered Nov 8 at 3:30
SunnySun
Thank you. I did find a long winded way of doing what I want but it meant embedding a client secret in my app, amazingly that's the recommended way of doing it!
– Journeyman1234
Nov 8 at 9:03
You are welcome. Later, if there is any update, please let me know, thanks!
– SunnySun
Nov 8 at 9:18
@Journeyman1234 Are you adding the client_secret key to your app code to retrieve the bearer token?
– DeanB_Develop
Nov 8 at 12:34
@DeanB_Develop - yes, which just feels wrong. But it works. So what happens is my user authenticates using MSAL and retrieves a token. I then make a call to the AAD GraphAPI (which is where the secret comes in) to return me a user matching the unique ID of the token
– Journeyman1234
Nov 8 at 15:49
Have you tried to use this.authService.acquireTokenSilent(...)? This returns a bearer token that can be used by the API and doesn't require a client_secret. Using a client secret is good for "Get access without a user" or the OAuth 2.0 auth code grant. However, in this case, you're using a signed-in user and OpenID Connect (this.authService.acquireTokenSilent) will work. I hope.
– DeanB_Develop
Nov 9 at 15:42
ADAL and MSAL are incompatible
MSAL doesn't support Graph
OpenID Connect needs an authorisation code so isn't appropriate for the workflow
The answer I figured out was to install ADAL into my API, then, when the user logs in on the app, securely send the GUID from the token to the API, which can then communicate with the Graph and return user profile info.
answered Nov 12 at 15:54
Journeyman1234
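
Both answers depend on claims carried in the token: the first reads the user name from the id_token, and the second sends the GUID from the token to the API. The block below is an added example, not code from either post, showing an API verifying the token's signature, issuer, audience and lifetime before it reads any claim. The key pair, issuer, audience and claim values are constructed placeholders; a real API would use the issuer's published signing keys.

```javascript
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const fromB64url = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Verify signature, issuer, audience and lifetime; return claims only if all pass.
function validateToken(token, publicKey, { issuer, audience, now = Date.now() / 1000 }) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  // Pin the algorithm instead of trusting whatever the header names.
  if (fromB64url(h).alg !== 'RS256') throw new Error('unexpected alg');
  const signed = Buffer.from(`${h}.${p}`);
  if (!crypto.verify('sha256', signed, publicKey, Buffer.from(s, 'base64url'))) {
    throw new Error('bad signature');
  }
  const claims = fromB64url(p);
  if (claims.iss !== issuer) throw new Error('wrong issuer');
  if (claims.aud !== audience) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  return claims;
}

// Constructed sample data: a throwaway key pair stands in for the issuer's
// signing key, and the issuer, audience and claim values are placeholders.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const EXPECTED = { issuer: 'https://issuer.example.test/v2.0/', audience: 'api-client-id-placeholder' };

function makeSampleToken(overrides = {}) {
  const claims = {
    iss: EXPECTED.issuer, aud: EXPECTED.audience,
    exp: Math.floor(Date.now() / 1000) + 300,
    oid: '00000000-0000-0000-0000-000000000001', name: 'Sample User',
    ...overrides,
  };
  const h = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const p = b64url(JSON.stringify(claims));
  return `${h}.${p}.${b64url(crypto.sign('sha256', Buffer.from(`${h}.${p}`), privateKey))}`;
}

// The API reads the user id from the verified token, never from a separate field.
function userFromToken(token) {
  const claims = validateToken(token, publicKey, EXPECTED);
  return { id: claims.oid, name: claims.name };
}

console.log(userFromToken(makeSampleToken()));
```

Decoding a token, as jwt.io does, only displays its claims; the checks above are what make those claims trustworthy on the API side.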