Queries around integration with Azure AD

Hi Community

We are trying to integrate our Web Application with Azure AD.

The flow is like this (most likely falls in the Single Page Application scenario):

1. The user from the internet will browse to the web page provided by the hosted Azure AD instance, the user will input username/password, and Azure will authenticate the username and password. This part is not a problem and it's already provided by the OEM.

2. After successful authentication in #1, Azure is supposed to redirect the user to our Web application. I am not sure how my web application can understand the username used to authenticate, as my application will do authorization. I saw some sample messages, but I have some basic queries, as the partner providing Azure AD services is not providing support for clarification:

My assumption is that Azure will send something like below (it's my guess, as I have the least possible support from the Azure provider):

GET https://login.microsoftonline.com/fabrikamb2c.onmicrosoft.com/oauth2/v2.0/authorize?
client_id=90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6
&response_type=code+id_token
&redirect_uri=https%3A%2F%2Faadb2cplayground.azurewebsites.net%2F
&response_mode=form_post
&scope=openid%20offline_access
&state=arbitrary_data_you_can_receive_in_the_response
&nonce=12345
&p=b2c_1_sign_in

a. How can my web application get to know the username? I understand the profile of the user is hidden in the token. How can my web application decrypt it? Any idea what the possible crypt techniques used by Azure are?

b. How can the web application receive the message sent by Azure?

c. How can my web application construct the usable URL that opens the web application? Example: https://10.120.237.159:18090/oc/NIMenuJumpForDealer?Username=john.karl

Any feedback and suggestions are appreciated.

0 Replies
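
With response_type=code+id_token and response_mode=form_post, as in the request quoted in the post, the result arrives as an HTTP POST to the redirect_uri whose form body carries id_token, code and state; the id_token Azure AD issues is a signed JWT (base64url-encoded JSON), so the application validates it rather than decrypting it. The sketch below is an added example, not part of the original post or Microsoft's code: `handle_form_post`, the `verify_signature` hook, the sample body and the `name` claim are assumptions, and real signature verification belongs to a JWT library using the tenant's published signing keys.

```python
import base64, json, time
from urllib.parse import parse_qs

def b64url_decode(seg):
    # JWT segments are unpadded base64url; restore padding before decoding.
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def handle_form_post(body, state, nonce, client_id, verify_signature, now=None):
    """Validate a form_post response body and return the id_token claims.

    verify_signature(signing_input, signature, header) -> bool is a hypothetical
    hook: back it with a JWT library and the tenant's published signing keys.
    """
    form = {k: v[0] for k, v in parse_qs(body).items()}
    if form.get("state") != state:
        raise ValueError("state mismatch")
    try:
        h64, p64, s64 = form["id_token"].split(".")
    except (KeyError, ValueError):
        raise ValueError("missing or malformed id_token")
    header = json.loads(b64url_decode(h64))
    if header.get("alg") != "RS256":  # reject "none" and unexpected algorithms
        raise ValueError("unexpected alg")
    if not verify_signature(f"{h64}.{p64}".encode(), b64url_decode(s64), header):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(p64))  # plain JSON, nothing to decrypt
    if claims.get("aud") != client_id:
        raise ValueError("token issued for another client")
    if claims.get("nonce") != nonce:
        raise ValueError("nonce mismatch")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("token expired")
    return claims

def make_sample_body(claims, state):
    # Constructed sample: the signature is a dummy value, not a real Azure one.
    header = b64url_encode(json.dumps({"alg": "RS256", "kid": "sample"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    sig = b64url_encode(b"dummy-signature")
    return f"id_token={header}.{payload}.{sig}&state={state}&code=sample-code"

if __name__ == "__main__":
    sample = {"aud": "90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6", "nonce": "12345",
              "exp": 2000, "name": "john.karl"}
    body = make_sample_body(sample, "xyz")
    accept_all = lambda signing_input, signature, header: True  # demo stub only
    print(handle_form_post(body, "xyz", "12345", sample["aud"], accept_all, now=1000))
```

The application then authorizes the session from the returned claims; which claim holds the username depends on how the sign-in policy is configured.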