  • Nathanuel 5 posts 85 karma points
    Dec 14, 2021 @ 13:02
    Nathanuel
    0

    Azure B2C for Backoffice Auth

    Hey,

    I was hoping someone might be able to provide a bit of help getting Azure B2C working to authenticate external users into the backoffice.

    I have implemented the suggested code here; however, after redirecting out to B2C it just seems to return to /umbraco-signin-oidc and displays an ERR_CONNECTION_REFUSED error in my browser.

    My auth code looks like below

    builder.AddBackOfficeExternalLogins(logins =>
    {
        builder.Services.ConfigureOptions<AzureAdAuthenticationBackOfficeExternalLoginProviderOptions>();

        logins.AddBackOfficeLogin(
            auth =>
            {
                auth.AddOpenIdConnect(
                    auth.SchemeForBackOffice(OpenIdConnectDefaults.AuthenticationScheme),
                    Constants.AzureAdB2C,
                    options =>
                    {
                        options.RemoteSignOutPath = "/oidc-signout";
                        options.MetadataAddress = "https://xx.b2clogin.com/landoswolerissiandev.onmicrosoft.com/B2C_1_signin1/v2.0/.well-known/openid-configuration";
                        options.ClientId = "xxxx";
                        options.SignedOutRedirectUri = "https://localhost:44323/umbraco";
                        options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
                        {
                            NameClaimType = "name"
                        };
                    });
            });
    });
    return builder;
    

    If anyone has any advice or working examples in the latest versions of v9 that would be amazing!

    Thanks

  • Kevin 5 posts 97 karma points
    Dec 15, 2021 @ 11:57
    Kevin
    0

    Maybe you are missing

    options.CallbackPath = "/signin-oidc";
    options.Scope.Add(options.ClientId);
    
  • Kevin 5 posts 97 karma points
    Dec 15, 2021 @ 11:59
  • Nathanuel 5 posts 85 karma points
    Dec 15, 2021 @ 13:19
    Nathanuel
    0

    Hey Kevin

    Thanks for that!

    I've followed that and managed to get Umbraco redirecting out to B2C and authenticating now. It seems to work perfectly when I link things via the user profile in their account.

    However when I try and use auto linking I get the following error:

    The requested provider (Umbraco.oidc) has not provided the email claim http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress, the account cannot be linked.

    My autolinking code is copy pasted from the docs here

  • Kevin 5 posts 97 karma points
    Dec 16, 2021 @ 07:48
    Kevin
    100

    Yes I get this same error too. It seems Umbraco.oidc scheme does not get the email claim for some reason. I am stuck on this myself. This is one workaround I have found which might be helpful for you https://our.umbraco.com/forum/umbraco-9/107617-onautolinking-not-working#comment-335140
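
An added example, not code from any poster in this thread and not necessarily the workaround in the linked comment: one way to supply the claim type named in the error is to copy the address from the B2C token onto `ClaimTypes.Email` once the token has been validated. It assumes the B2C user flow returns "Email Addresses" as an application claim, which arrives as `emails`; the class and method names are hypothetical.

```csharp
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;

// Hypothetical helper (added example): call B2CEmailClaimMapping.MapEmailClaim(options)
// inside the AddOpenIdConnect options lambda shown in the question.
public static class B2CEmailClaimMapping
{
    // Assumption: the user flow is configured to return "Email Addresses",
    // which Azure AD B2C emits in the id_token under the claim name "emails".
    private const string B2CEmailsClaim = "emails";

    public static void MapEmailClaim(OpenIdConnectOptions options)
    {
        // Keep any handler that was already registered and run it first.
        var previous = options.Events.OnTokenValidated;

        options.Events.OnTokenValidated = async context =>
        {
            if (previous != null)
            {
                await previous(context);
            }

            // Only act on a validated principal that lacks the claim type from
            // the error message (ClaimTypes.Email is the
            // http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress URI).
            if (context.Principal?.Identity is ClaimsIdentity identity
                && !identity.HasClaim(c => c.Type == ClaimTypes.Email))
            {
                var email = identity.FindFirst(B2CEmailsClaim)?.Value;

                // Fail closed: if the token carries no address, add nothing and
                // let auto-linking refuse the login rather than link on a guess.
                if (!string.IsNullOrWhiteSpace(email))
                {
                    identity.AddClaim(new Claim(ClaimTypes.Email, email));
                }
            }
        };
    }
}
```

Because auto-linking matches backoffice users by this address, the value should come only from the validated token, never from user-editable input.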

  • Nathanuel 5 posts 85 karma points
    Dec 19, 2021 @ 10:12
    Nathanuel
    0

    Awesome Kevin!

    Thanks for the help. I can work around with this stuff.

    Appreciate it

  • John A 6 posts 27 karma points
    Feb 02, 2022 @ 17:08
    John A
    0

    Hi Nathanuel,

    I was wondering if you have any suggestions implementing Azure B2C for members on an external site, not backoffice. Appreciate any help or pointers you can share.

    Thanks John

  • Nathanuel 5 posts 85 karma points
    Feb 05, 2022 @ 10:04
    Nathanuel
    0

    I don't, sorry. I was using B2C to authenticate the back office only.
