Using Blazor, AD B2C and API Manager

Graham Allwood 306 Reputation points
2021-03-24T13:25:15.267+00:00

Hi,

I am using Azure AD B2C to secure my Blazor app and API’s.

I have APIM fronting a set of Azure Fuctions.

I can authenticate the user ok, using the MsalAuthentication class (well, the builder.Services.AddMsalAuthentication method). As it pointed out in the docs, hereadditional-scenarios, with a few tweeks as the Applications base address is different from the API base address.

The issue I have is described here and the solution is that I need to be requesting an Access token from Azure when I authenticate – I think. My big issue, is I don’t know how to configure either the Azure B2C Aplication, or the Msal classes in the Blazor app to request the Access token. Using IE Web Dev Tools, I can see I am only getting an ID Token once authenticated.

Thanks for any help you have.

Graham

Blazor
Blazor
A free and open-source web framework that enables developers to create web apps using C# and HTML being developed by Microsoft.
1,605 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,937 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,299 questions
{count} votes

Accepted answer
  1. Graham Allwood 306 Reputation points
    2021-04-09T13:02:35.07+00:00

    Hi @JamesTran-MSFT , thanks for getting in touch.

    I have solved the issue now. My problem was due the scope I was requesting when authenticating. For some reason, in the Program.cs file, when configuring the Msal Authentication provider. When I included the Default scope for my Server API, I managed to get the scope name wrong (the one that needs to be qualified with the AD organisation).

    Once I corrected this, I was able to get the correct token returned and it's all working now.

    Thanks.

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Prokash Singha 1 Reputation point
    2021-04-09T13:08:12.137+00:00

  2. yassen 1 Reputation point
    2021-08-31T16:12:25.193+00:00

    Or, you can get it for free Here

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.