Could you please clarify if there is a suggested implementation path for Azure B2C integration?
Thanks, Yaroslav
Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.
If you're creating a bug/problem report, please include the following:
- ABP Framework version: v4.4.2
- UI type: Blazor
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): no
- Exception message and stack trace:
- Steps to reproduce the issue:
5 Answer(s)
-
0
hi
Did you check the Identity Server document? http://docs.identityserver.io/en/latest/topics/signin_external_providers.html
-
0
Hi,
I have implemented steps from https://support.aspnetzero.com/QA/Questions/6525/Update-on-External-Identity-Provider-config-for-AAD-B2C-OpenID with some modifications as below and it worked but asked to enter email address after authentication.
Could you please help me with the following questions:
a) Is it possible to remove email registration because email already exists in claim?
b) It looks like on ABP logout a user is still logged in to B2C. What needs to be done to enable it?
```csharp
// Fragment from the module's ConfigureServices method. Namespaces used:
// Microsoft.AspNetCore.Authentication.OpenIdConnect, Microsoft.AspNetCore.Identity,
// Microsoft.IdentityModel.Protocols.OpenIdConnect, System.Security.Claims, System.Threading.Tasks.
if (bool.Parse(configuration["Authentication:OpenId:IsEnabled"]))
{
    context.Services.AddAuthentication()
        .AddOpenIdConnect(options =>
        {
            options.SignInScheme = IdentityConstants.ExternalScheme;
            options.ClientId = configuration["Authentication:OpenId:ClientId"];
            options.Authority = configuration["Authentication:OpenId:Authority"];
            options.SignedOutRedirectUri = configuration["App:SelfUrl"] + "Account/Logout";
            options.ResponseType = OpenIdConnectResponseType.IdToken;
            options.SaveTokens = true;
            options.MetadataAddress = "https://<tennant>.b2clogin.com/<tennant>.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_SignUp_SignIn";
            options.GetClaimsFromUserInfoEndpoint = true;
            options.ClaimActions.MapAll();

            var clientSecret = configuration["Authentication:OpenId:ClientSecret"];
            if (!clientSecret.IsNullOrEmpty())
            {
                options.ClientSecret = clientSecret;
            }

            options.Events = new OpenIdConnectEvents()
            {
                OnTokenValidated = (context) =>
                {
                    // initial test: emails => email, first when multiple emails
                    var email = context.Principal.FindFirstValue("emails");
                    ClaimsIdentity claimsId = context.Principal.Identity as ClaimsIdentity;
                    // The e-mail value is used as the NameIdentifier claim.
                    claimsId?.AddClaim(new Claim(ClaimTypes.NameIdentifier, $@"{email}"));
                    return Task.FromResult(0);
                }
            };
        });
}
```
-
0
hi
> but asked to enter email address after authentication.

Can you share some screenshots?

> because email already exists in claim?

It needs the claim type to be `AbpClaimTypes.Email`.
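
One way to apply the claim-type advice above, as an added example that is not code from this thread or from the ABP project: it copies the first non-empty B2C `emails` value into a claim of type `AbpClaimTypes.Email` when the token is validated. The class and method names (`B2CClaimMapping`, `TryMapEmail`, `OnTokenValidated`) are hypothetical, and `TryMapEmail` can equally be called from an existing `OnTokenValidated` handler.

```csharp
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Volo.Abp.Security.Claims;

// Added example; class and method names are hypothetical.
public static class B2CClaimMapping
{
    // Claim type the thread's handler reads from the B2C token.
    private const string B2CEmailsClaim = "emails";

    // Copies the first non-empty "emails" value into AbpClaimTypes.Email.
    // Returns false (identity untouched) when no usable address is present.
    public static bool TryMapEmail(ClaimsPrincipal principal)
    {
        if (!(principal?.Identity is ClaimsIdentity identity))
            return false;

        // An e-mail claim of the expected type already exists: nothing to add.
        if (identity.HasClaim(c => c.Type == AbpClaimTypes.Email))
            return true;

        // "emails" can occur more than once; take the first non-empty value.
        var email = identity.FindAll(B2CEmailsClaim)
            .Select(c => c.Value?.Trim())
            .FirstOrDefault(v => !string.IsNullOrEmpty(v));
        if (email == null)
            return false;

        identity.AddClaim(new Claim(AbpClaimTypes.Email, email));
        return true;
    }

    // Wiring inside AddOpenIdConnect(options => ...):
    //   options.Events = new OpenIdConnectEvents
    //   {
    //       OnTokenValidated = B2CClaimMapping.OnTokenValidated
    //   };
    public static Task OnTokenValidated(TokenValidatedContext context)
    {
        TryMapEmail(context.Principal);
        return Task.CompletedTask;
    }
}
```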
-
0
Hi,
- The first login scenario was fixed.
- What about logout from B2C?
Thanks, Yaroslav
-
0
> What about logout from B2C?

You can check the Microsoft docs about single sign-out behaviour.