I have a React front-end that sits behind a login with Azure B2C; it allows the user to log in if they are registered in my tenant.

I then send an access token to my backend, which I receive using "react-aad-msal":

signInAuthProvider.getAccessToken({
  scopes: ["https://tenantname.onmicrosoft.com/api/scope_name"],
});

When I send this token via a bearer-auth header to my .NET Core 3.1 back-end, I receive a 401.

I am using the AddAzureADBearer service:

services.AddAuthentication(AzureADDefaults.JwtBearerAuthenticationScheme)
    .AddAzureADBearer(options => Configuration.Bind("AzureAd", options));

and my config section looks like this:

"AzureAd": {
  "Instance": "https://login.microsoftonline.com/tenantname",
  "TenantId": "tenantid",
  "ClientId": "clientid",
  "Audience": "https://tenantname.onmicrosoft.com/api/api.access"
}

I believe it is doing some sort of cross-check, as I get a 401, not an error about being unable to connect to Azure.

Hawkzey
  • @Hawkzey Azure AD, Azure AD B2B and Azure AD B2C access token storages don't share the content. Switch your frontend to the simple Azure AD or your backend to the Azure AD B2C. Sample code for the backend: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/4-WebApp-your-API/4-2-B2C – Luke Duda Jul 29 '20 at 21:17
  • @LukeDuda If I am wanting to invite users to a tenant, and have them be able to log into the app without creating an account through the signup policy, how would this be achieved? – Hawkzey Jul 29 '20 at 21:55

1 Answer

You need to authenticate with B2C, not with AAD.

{
  "AzureAdB2C": {
    "Instance": "https://<your tenant name>.b2clogin.com",
    "ClientId": "your client id",
    "Domain": "your tenant domain",
    "TenantId": "your tenant id",
    "SignUpSignInPolicyId": "your policy name"
  }
}

Please refer to this GitHub on .NET Core web API in B2C.

Sruthi J
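
A quick way to see the mismatch the answer describes, as an added example that is not part of the original question or answer: decode the access token's claims and compare them with what the backend is configured to accept. The `diagnose` helper, the `expected` object shape, the `contoso` tenant name, the GUIDs and the policy name are all assumptions made up for illustration, as is the choice of the API's client ID as the expected audience.

```javascript
// Added troubleshooting example, not from the original post (Node.js).
// Decodes claims WITHOUT verifying the signature: debugging only, never authorization.
const b64url = (obj) =>
  Buffer.from(JSON.stringify(obj)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");

function decodeJwtPayload(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("expected header.payload.signature");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// `expected` is a hypothetical shape: { issuerHost, audience, policy? }.
function diagnose(token, expected) {
  const claims = decodeJwtPayload(token);
  const findings = [];
  let issHost = null;
  try { issHost = new URL(claims.iss).hostname; } catch { /* missing or malformed iss */ }
  if (issHost !== expected.issuerHost)
    findings.push(`iss host ${issHost}, backend expects ${expected.issuerHost}`);
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(expected.audience))
    findings.push(`aud ${aud.join(",")}, backend expects ${expected.audience}`);
  // B2C tokens name the user flow in "tfp" ("acr" in older configurations).
  const policy = String(claims.tfp || claims.acr || "").toLowerCase();
  if (expected.policy && policy !== expected.policy.toLowerCase())
    findings.push(`policy ${policy || "(none)"}, backend expects ${expected.policy}`);
  return findings;
}

// Constructed sample token (placeholder tenant, GUIDs and policy; fake signature).
const sampleToken = [
  b64url({ alg: "RS256", typ: "JWT" }),
  b64url({ iss: "https://contoso.b2clogin.com/00000000-0000-0000-0000-000000000000/v2.0/",
    aud: "11111111-1111-1111-1111-111111111111", tfp: "B2C_1_signupsignin" }),
  "fake-signature",
].join(".");

const aadBackend = { issuerHost: "login.microsoftonline.com",
  audience: "https://contoso.onmicrosoft.com/api/api.access" };
const b2cBackend = { issuerHost: "contoso.b2clogin.com",
  audience: "11111111-1111-1111-1111-111111111111", policy: "B2C_1_signupsignin" };
console.log(diagnose(sampleToken, aadBackend)); // issuer and audience findings
console.log(diagnose(sampleToken, b2cBackend)); // no findings
```

The backend must still validate the signature, issuer and audience itself; this check only shows which claim a misconfigured backend is rejecting.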