2

I've successfully configured the Azure B2C service so that a Blazor WASM application will launch my B2C_1_Signin User Flow by navigating to /authentication/login in my application.

Now, I'm trying to launch my B2C_1_Signup User Flow. When I try /authentication/register, I get a message saying that Registration is not supported. I assume I am missing some configuration, but I can't find any documentation on how to proceed.

Here's what I've tried:

  1. In my wwwroot/appsettings.json, I've tried adding settings to tell MSAL what User Flows to use:
{
  "AzureAdB2C": {
    "Authority": "https://xxx/yyy/B2C_1_Signin",
    "ClientId": "0000-0000-0000",
    "ValidateAuthority": false,
    "SignUpPolicyId": "B2C_1_Signup",
    "SignInPolicyId": "B2C_1_Signin"
  }
}

...but this doesn't work.

  1. I crawled through the Microsoft.AspNetCore.Components.WebAssembly.Authentication source code until I found the Registration is not supported message. Based on the surrounding code, it looks like it is expecting a value in RemoteRegisterPath, so I modified my Program.cs as follows:
builder.Services.AddMsalAuthentication(options =>
{
    builder.Configuration.Bind("AzureAdB2C", options.ProviderOptions.Authentication);
    options.ProviderOptions.DefaultAccessTokenScopes.Add("openid");
    options.ProviderOptions.DefaultAccessTokenScopes.Add("offline_access");
    options.ProviderOptions.LoginMode = "redirect";

    options.AuthenticationPaths.RemoteRegisterPath = "https://xxx/yyy/B2C_1_Signup";
});

Doing this launches the User Flow, but it seems to need the full URL from the Azure B2C site:

https://xxx/yyy/oauth2/v2.0/authorize?p=B2C_1_Signup&client_id=0000-0000-0000&nonce=defaultNonce&redirect_uri=https%3A%2F%2Flocalhost%3A5001%2Fauthentication%2Flogin-callback&scope=openid&response_type=code&prompt=login&code_challenge_method=S256&code_challenge=F1ut2KaRX...

Since I don't want to handle the full PKCE exchange (e.g. - create the code_challenge and handle the returned code), I'm wondering how to proceed.

Doug Clutter
  • 3,646
  • 2
  • 29
  • 31
  • I'm having the same issue. Did you ever figure this out, by chance? – Martijn Sep 14 '22 at 09:46
  • 1
    @Martijn - Sorry but I never found a solution for this in .NET 6. Since .NET 7 is due to ship in November, I'll revisit this issue then. If I find an answer, I'll post it here. – Doug Clutter Sep 14 '22 at 22:12
  • Is there any option available in the previous versions (.net 5/3) to start the b2c user flows? using Microsoft.Identity.Web – Saravana Kumar Sep 29 '22 at 10:00
  • @SaravanaKumar I haven't found any way to do this. – Doug Clutter Sep 29 '22 at 17:24
  • @DougClutter seems like .NET 7 is finally giving us the option to specify a login hint which is exactly what I myself was after: https://devblogs.microsoft.com/dotnet/asp-net-core-updates-in-dotnet-7-rc-1/#dynamic-authentication-requests-in-blazor-webassembly – Martijn Oct 03 '22 at 12:16
  • Curious has anyone figured out how to do this in .Net 7? I have tried in the rc2 version and am able to add a loginHint and domainHint but not able to do the register or call a different userflow for sso. – David Oct 26 '22 at 17:35

0 Answers0