Ian_Morrish (Brass Contributor)
Mar 09, 2022
Azure B2C oidc authentication with SPSE failed
My AuthorizationEndpoint is defined in SP as
But when SP redirects, it drops the p=b2c_1a_signup_signin and just has ?client_id=xxx...
Resulting in 404
I'm using custom Exp Framework in B2C so I can specify known x5c certificate for which the .cer is added to SP
Has anyone else got this to work?
- Ian_Morrish (Brass Contributor): Think I found my problem, should be using OpenID Connect format, not OAuth2. Very subtle difference where the flow name goes.
  GET https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/authorize?
- Steve Zhang (Microsoft): Thank you Ian for trying out OIDC in SPSE. Good to know that you sorted out the problem.
  Please let us know if you have any further problems or suggestions regarding SharePoint Server authentication.
- Ian_Morrish (Brass Contributor): Hmmm, still didn't work because SharePoint adds ?Source=/ to the redirect_uri, which B2C apps don't allow (Azure AD does allow it, and the sample guide for configuring OIDC in Azure AD shows modifying the manifest to allow /*, which is blocked in B2C).
  URL Rewrite to the rescue. Handling the Password Reset flow from B2C is a little more tricky.
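
The following check is an added example, not code from any poster in this thread or from Microsoft: it inspects a captured authorize request for the two failures described above (the policy missing from the URL, and a redirect_uri with ?Source=/ appended). The host names, reply URL set and function name are constructed placeholders, and exact string matching of registered reply URLs is an assumption of the example.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed placeholder: the reply URL registered on the B2C application.
REGISTERED_REPLY_URLS = {"https://sp.example.com/"}


def check_authorize_request(url, registered=REGISTERED_REPLY_URLS):
    """Return (policy, problems) for an observed B2C authorize request URL."""
    parts = urlsplit(url)
    query = parse_qs(parts.query)
    segments = [s for s in parts.path.split("/") if s]
    problems = []

    # Policy-in-path form: /{tenant}/{policy}/oauth2/v2.0/authorize
    policy = None
    if "oauth2" in segments:
        i = segments.index("oauth2")
        if i >= 2:
            policy = segments[i - 1]
    # Query form: ...?p={policy}; lost if the client rebuilds the query string.
    if policy is None:
        policy = query.get("p", [None])[0]
    if policy is None:
        problems.append("no policy in path or p= parameter")

    redirect = query.get("redirect_uri", [None])[0]
    if redirect is None:
        problems.append("redirect_uri missing")
    elif redirect not in registered:
        r = urlsplit(redirect)
        base = f"{r.scheme}://{r.netloc}{r.path}"
        if r.query and base in registered:
            # Registered URL plus an appended query, e.g. ?Source=/
            problems.append(f"redirect_uri carries extra query '?{r.query}'")
        else:
            problems.append("redirect_uri not registered")
    return policy, problems
```

Run it against the Location header of the redirect issued by the relying party; an empty problem list means the policy is present and the redirect_uri matches a registered value exactly.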