
  • Nathanuel 5 posts 85 karma points
    Dec 14, 2021 @ 13:02
    Nathanuel
    0

    Azure B2C for Backoffice Auth

    Hey,

    I was hoping someone might be able to provide a bit of help getting Azure B2C working to authenticate external users into the backoffice.

    I have implemented the suggested code here; however, after redirecting out to B2C it just seems to return to /umbraco-signin-oidc and display an ERR_CONNECTION_REFUSED error in my browser.

    My auth code looks like below

    builder.AddBackOfficeExternalLogins(logins =>
    {
        builder.Services.ConfigureOptions<AzureAdAuthenticationBackOfficeExternalLoginProviderOptions>();

        logins.AddBackOfficeLogin(
            auth =>
            {
                auth.AddOpenIdConnect(
                    auth.SchemeForBackOffice(OpenIdConnectDefaults.AuthenticationScheme),
                    Constants.AzureAdB2C,
                    options =>
                    {
                        options.RemoteSignOutPath = "/oidc-signout";
                        options.MetadataAddress = "https://xx.b2clogin.com/landoswolerissiandev.onmicrosoft.com/B2C_1_signin1/v2.0/.well-known/openid-configuration";
                        options.ClientId = "xxxx";
                        options.SignedOutRedirectUri = "https://localhost:44323/umbraco";
                        options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
                        {
                            NameClaimType = "name"
                        };
                    });
            });
    });
    return builder;
    

    If anyone has any advice or working examples in the latest versions of v9 that would be amazing!

    Thanks

  • Kevin 5 posts 97 karma points
    Dec 15, 2021 @ 11:57
    Kevin
    0

    Maybe you are missing

    options.CallbackPath = "/signin-oidc";
    options.Scope.Add(options.ClientId);
    
  • Kevin 5 posts 97 karma points
    Dec 15, 2021 @ 11:59
  • Nathanuel 5 posts 85 karma points
    Dec 15, 2021 @ 13:19
    Nathanuel
    0

    Hey Kevin

    Thanks for that!

    I've followed that and managed to get Umbraco redirecting out to B2C and authenticating now. It seems to work perfectly when I link things via the user profile in their account.

    However when I try and use auto linking I get the following error:

    The requested provider (Umbraco.oidc) has not provided the email claim http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress, the account cannot be linked.

    My autolinking code is copy pasted from the docs here

  • Kevin 5 posts 97 karma points
    Dec 16, 2021 @ 07:48
    Kevin
    100

    Yes I get this same error too. It seems Umbraco.oidc scheme does not get the email claim for some reason. I am stuck on this myself. This is one workaround I have found which might be helpful for you https://our.umbraco.com/forum/umbraco-9/107617-onautolinking-not-working#comment-335140
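
An added example, not part of the thread and not Umbraco's or the linked workaround's code: one way to supply the claim named in the error above is to copy the address B2C returns into `ClaimTypes.Email` once the token has been validated. The helper name `MapB2CEmailClaim` is hypothetical, and the claim names `emails` and `email` are assumptions about what the user flow is configured to return.

```csharp
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;

public static class B2CEmailClaimExtensions
{
    // Hypothetical helper: call as options.MapB2CEmailClaim() inside the
    // AddOpenIdConnect(..., options => { ... }) lambda from the first post.
    public static void MapB2CEmailClaim(this OpenIdConnectOptions options)
    {
        // Keep any handler that is already registered and run it first.
        var previous = options.Events.OnTokenValidated;

        options.Events.OnTokenValidated = async context =>
        {
            await previous(context);

            // Stop if the earlier handler already failed or handled the request.
            if (context.Result != null)
            {
                return;
            }

            if (context.Principal?.Identity is not ClaimsIdentity identity)
            {
                return;
            }

            // Nothing to do when the claim Umbraco looks for is already there.
            if (identity.HasClaim(c => c.Type == ClaimTypes.Email))
            {
                return;
            }

            // Assumption: the user flow returns the address as "emails"
            // (a collection; the first entry is used) or as "email".
            var email = identity.FindFirst("emails")?.Value
                        ?? identity.FindFirst("email")?.Value;

            if (!string.IsNullOrWhiteSpace(email))
            {
                // ClaimTypes.Email is the URI named in the error message.
                identity.AddClaim(new Claim(ClaimTypes.Email, email));
            }
        };
    }
}
```

Auto-linking relies on this value to identify the account, so check that the B2C policy only returns addresses it has verified before mapping the claim.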

  • Nathanuel 5 posts 85 karma points
    Dec 19, 2021 @ 10:12
    Nathanuel
    0

    Awesome Kevin!

    Thanks for the help. I can work around with this stuff.

    Appreciate it

  • John A 6 posts 27 karma points
    Feb 02, 2022 @ 17:08
    John A
    0

    Hi Nathanuel,

    I was wondering if you have any suggestions implementing Azure B2C for members on an external site, not backoffice. Appreciate any help or pointers you can share.

    Thanks John

  • Nathanuel 5 posts 85 karma points
    Feb 05, 2022 @ 10:04
    Nathanuel
    0

    I don't, sorry. I was using B2C to authenticate the back office only.

  • Gurumurthy 54 posts 127 karma points
    Jun 13, 2023 @ 06:10
    Gurumurthy
    0

    Hello All,

    I am integrating Azure B2C authentication using OpenID Connect, based on the shared GitHub example (https://github.com/jbreuer/Umbraco-OpenIdConnect-Example). This is for member authentication. I am able to authenticate to my Azure B2C and am receiving all the tokens, but one of the scope parameters is missing from my access token. This was tested in Umbraco v11.3, and I do have a v8 implementation for the same B2C to get the access token; in .NET Framework I am getting the scope parameter, but in Core the scope parameter is not listed. Also, this is an external API scope that is configured.

    https://xxxxdevb2c.onmicrosoft.com/web-api/api-scope is the scope value which is used in v8 .NET Framework, but I am not able to add this type of URL scope in .NET Core, as per below:

    options.Scope.Add("openid");
    options.Scope.Add("profile");
    options.Scope.Add("offline_access");

    Any suggestions on how to add the URL-type scope in .NET Core OpenID Connect?

    Thanks,
