
I have an API that I could access using a bearer token that has a TTL of 1 hour. I need to consume this API through ADB2C.

As per the Microsoft documentation, the bearer token is read from a policy key, B2C_1A_B2cRestClientAccessToken:

<TechnicalProfile Id="REST-API-SignUp">
  <DisplayName>Validate user's input data and return loyaltyNumber claim</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
  <Metadata>
    <Item Key="ServiceUrl">https://your-app-name.azurewebsites.NET/api/identity/signup</Item>
    <Item Key="AuthenticationType">Bearer</Item>
    <Item Key="SendClaimsIn">Body</Item>
  </Metadata>
  <CryptographicKeys>
    <Key Id="BearerAuthenticationToken" StorageReferenceId="B2C_1A_B2cRestClientAccessToken" />
  </CryptographicKeys>
</TechnicalProfile> 

However, the policy key (B2C_1A_B2cRestClientAccessToken) is static, whereas in my case the bearer token needs to be retrieved every time the API needs to be consumed by ADB2C. How do I accomplish this?

1 Answer


The following Microsoft document seems to explain how to acquire an access token and use it every time the API needs to be consumed. I'm yet to test it, but it seems completely covered:

https://learn.microsoft.com/en-us/azure/active-directory-b2c/secure-rest-api?tabs=windows&pivots=b2c-custom-policy#prerequisites
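
A sketch of the pattern that document describes, added here as an illustration and not part of the original question or answer: one RESTful technical profile obtains a token with the OAuth2 client-credentials grant, and the API profile sends that claim as the bearer token instead of a static policy key. The token endpoint URL, the scope, the two policy key names and the `REST-AcquireAccessToken` profile Id are placeholders; `bearerToken`, `grant_type` and `scope` are assumed to be declared as string claims in the policy's ClaimsSchema.

```xml
<!-- Added example. Values marked "placeholder" are assumptions, not taken from the post. -->
<ClaimsProvider>
  <DisplayName>REST APIs</DisplayName>
  <TechnicalProfiles>
    <!-- 1. Fetch a fresh access token at run time (client-credentials grant). -->
    <TechnicalProfile Id="REST-AcquireAccessToken">
      <DisplayName>Acquire access token for the REST API</DisplayName>
      <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      <Metadata>
        <!-- placeholder token endpoint -->
        <Item Key="ServiceUrl">https://token-endpoint.example/oauth2/v2.0/token</Item>
        <Item Key="AuthenticationType">Basic</Item>
        <Item Key="SendClaimsIn">Form</Item>
      </Metadata>
      <CryptographicKeys>
        <!-- Client id and secret stay in policy keys; placeholder key names. -->
        <Key Id="BasicAuthenticationUsername" StorageReferenceId="B2C_1A_PlaceholderRestClientId" />
        <Key Id="BasicAuthenticationPassword" StorageReferenceId="B2C_1A_PlaceholderRestClientSecret" />
      </CryptographicKeys>
      <InputClaims>
        <InputClaim ClaimTypeReferenceId="grant_type" DefaultValue="client_credentials" AlwaysUseDefaultValue="true" />
        <!-- placeholder scope for the protected API -->
        <InputClaim ClaimTypeReferenceId="scope" DefaultValue="api://placeholder-api/.default" AlwaysUseDefaultValue="true" />
      </InputClaims>
      <OutputClaims>
        <!-- Map the token response's access_token field into the bearerToken claim. -->
        <OutputClaim ClaimTypeReferenceId="bearerToken" PartnerClaimType="access_token" />
      </OutputClaims>
    </TechnicalProfile>

    <!-- 2. The API call from the question, now reading the token from a claim. -->
    <TechnicalProfile Id="REST-API-SignUp">
      <DisplayName>Validate user's input data and return loyaltyNumber claim</DisplayName>
      <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      <Metadata>
        <Item Key="ServiceUrl">https://your-app-name.azurewebsites.NET/api/identity/signup</Item>
        <Item Key="AuthenticationType">Bearer</Item>
        <Item Key="UseClaimAsBearerToken">bearerToken</Item>
        <Item Key="SendClaimsIn">Body</Item>
      </Metadata>
      <InputClaims>
        <!-- Must be listed as an input claim for UseClaimAsBearerToken to resolve it. -->
        <InputClaim ClaimTypeReferenceId="bearerToken" />
      </InputClaims>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>
```

The token-acquisition profile has to run earlier in the same journey than `REST-API-SignUp` (as a preceding orchestration step or validation technical profile), and `bearerToken` should be left out of the relying party's output claims so the API credential never reaches the issued token.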