Azure SWA - Adding Custom OIDC provider breaks auth

Question

It's a bit weird but I created Azure Static Web App with Azure Active Directory Auth. Now, I've added an OIDC provider (Azure B2C in my case) and the app stopped redirecting to the auth providers. Neither /.auth/login/b2c nor /.auth/login/aad. It literally redirects to /.auth/login/aad but not continuing to AD login page.

my code:

...
"auth": {
    "identityProviders": {
      "customOpenIdConnectProviders": {
        "b2c": {
          "enabled": true,
          "registration": {
            "clientIdSettingName": "<clientId>",
            "clientCredential": {
              "clientSecretSettingName": "<secredId>"
            },
            "openIdConnectConfiguration": {
              "wellKnownOpenIdConfiguration":
"https://<b2cName>.b2clogin.com/<b2cName>.onmicrosoft.com/B2C_1_signin/v2.0/.well-known/openid-configuration"
            }
          },
          "login": {
            "nameClaimType": "emails",
            "scopes": ["openid"]
          }
        }
      }
    }
  }

Not sure where's the problem.

score 0 · Answer 1 · answered Mar 04 '22 at 11:05

If the client ID and secrets were specified as Key Vault references, but the managed identity wasn't granted the required permissions on the Key Vault.

Try to create a required Key Vault access policy for the managed identity. the Key Vault references will be able to fix the auth issue.

Reference Link: https://learn.microsoft.com/en-us/azure/key-vault/general/assign-access-policy?tabs=azure-portal

Azure SWA - Adding Custom OIDC provider breaks auth

1 Answers1