azure b2c for backoffice auth

Go to solution

Press Ctrl / CMD + C to copy this to your clipboard.

Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

Nathanuel 5 posts 85 karma points

Dec 14, 2021 @ 13:02

Umbraco 9

Hey,

I was hoping someone might be able to provide a bit of help getting Azure B2C working to authenticate external users into the backoffice.

I have implemented the suggested code here, however after redirecting out to B2C it just seems to return to /umbraco-signin-oidc and display a ERR_CONNECTION_REFUSED error in my browser.

My auth code looks like below

builder.AddBackOfficeExternalLogins(logins =>
        {
            builder.Services.ConfigureOptions<AzureAdAuthenticationBackOfficeExternalLoginProviderOptions>();

            logins.AddBackOfficeLogin(
                auth =>
                {
                    auth
                        .AddOpenIdConnect(
                        auth.SchemeForBackOffice(OpenIdConnectDefaults.AuthenticationScheme),
                        Constants.AzureAdB2C,
                            options =>
                            {
                                options.RemoteSignOutPath = "/oidc-signout";
                                options.MetadataAddress = "https://xx.b2clogin.com/landoswolerissiandev.onmicrosoft.com/B2C_1_signin1/v2.0/.well-known/openid-configuration";
                                options.ClientId = "xxxx";
                                options.SignedOutRedirectUri = "https://localhost:44323/umbraco";
                                options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
                                {
                                    NameClaimType = "name"
                                };
                            });
                });
        });
        return builder;

If anyone has any advice or working examples in the latest versions of v9 that would be amazing!

Thanks

Copy Link

Kevin 5 posts 97 karma points

Dec 15, 2021 @ 11:57
0
Maybe you are missing
```
options.CallbackPath = "/signin-oidc";
options.Scope.Add(options.ClientId);
```
Copy Link
Kevin 5 posts 97 karma points

Dec 15, 2021 @ 11:59

0

Also you could follow this here : https://www.scottbrady91.com/umbraco/backoffice-sso-openid-connect

Copy Link
Nathanuel 5 posts 85 karma points

Dec 15, 2021 @ 13:19

0

Hey Kevin

Thanks for that!

I've followed that and managed to get Umbraco redirecting out to B2C and authenticating now. It seems to link work perfectly when I link things via the user profile in their account.

However when I try and use auto linking I get the following error:

The requested provider (Umbraco.oidc) has not provided the email claim http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress, the account cannot be linked.

My autolinking code is copy pasted from the docs here

Copy Link
Kevin 5 posts 97 karma points

Dec 16, 2021 @ 07:48

100

Yes I get this same error too. It seems Umbraco.oidc scheme does not get the email claim for some reason. I am stuck on this myself. This is one workaround I have found which might be helpful for you https://our.umbraco.com/forum/umbraco-9/107617-onautolinking-not-working#comment-335140

Copy Link
Nathanuel 5 posts 85 karma points

Dec 19, 2021 @ 10:12

0

Awesome Kevin!

Thanks for the help. I can work around with this stuff.

Appreciate it

Copy Link
John A 6 posts 27 karma points

Feb 02, 2022 @ 17:08

0

Hi Nathanuel,

I was wondering if you have any suggestions implementing Azure B2C for members on an external site, not backoffice. Appreciate any help or pointers you can share.

Thanks John

Copy Link
Nathanuel 5 posts 85 karma points

Feb 05, 2022 @ 10:04

0

I don't sorry, I was using B2C to authenticate the back office only

Copy Link
is working on a reply...

Please Sign in or register to post replies