
AAD-SignIn-with-REST


A B2C IEF Custom Policy which authenticates to AAD and calls a REST API for more claims

Community Help and Support

Use Stack Overflow to get support from the community. Ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before. Make sure that your questions or comments are tagged with [azure-ad-b2c]. If you find a bug in the sample, please raise the issue on GitHub Issues. To provide product feedback, visit the Azure Active Directory B2C Feedback page.

Scenario

This policy utilises passthrough authentication to B2C. The user will NOT be stored within the B2C directory. Each authentication calls AAD, retrieves the provided claims, and then calls a REST API to augment them with additional claims to send to the target applications. This policy is based on the Azure AD Single tenant implementation as well as the "Integrate REST API claims" documentation.

Implementation

To implement this use case, follow these steps:

  1. Ensure you have followed the "Get Started with custom policies" steps within the Microsoft documentation site.
  2. Change the references in the B2C_1A_SignUpOrSignin_AADRest.xml policy from "yourtenant.onmicrosoft.com" to the name of your B2C Tenant.
  3. Update the OIDC-Contoso technical profile to reflect your Azure AD tenant details as per the Microsoft documentation.
  4. Update the REST-GetCRMData technical profile to represent your API as per the Microsoft documentation.
  5. Upload and run your policy.
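
A pre-upload check for steps 2 and 4, as an added example that is not part of this sample's own files: it flags leftover `yourtenant.onmicrosoft.com` references, lists 'Sample action required' markers for review, and checks that the REST-GetCRMData profile calls its API over HTTPS with an authentication type set. The function name `lint_policy`, the embedded policy fragment and the `api.example.test` host are constructed for illustration; `ServiceUrl` and `AuthenticationType` are the RESTful technical profile metadata keys.

```python
import re
import xml.etree.ElementTree as ET

NS = {"tf": "http://schemas.microsoft.com/online/cpim/schemas/2013/06"}
PLACEHOLDER = "yourtenant.onmicrosoft.com"
# Constructed sample, not the repository's policy file: only the parts the checks read.
SAMPLE_POLICY = """<TrustFrameworkPolicy
    xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
    TenantId="yourtenant.onmicrosoft.com" PolicyId="B2C_1A_SignUpOrSignin_AADRest">
  <!-- Sample action required: point ServiceUrl at your API -->
  <ClaimsProviders><ClaimsProvider><TechnicalProfiles>
    <TechnicalProfile Id="REST-GetCRMData">
      <Metadata>
        <Item Key="ServiceUrl">http://api.example.test/crm</Item>
        <Item Key="AuthenticationType">None</Item>
      </Metadata>
    </TechnicalProfile>
  </TechnicalProfiles></ClaimsProvider></ClaimsProviders>
</TrustFrameworkPolicy>"""


def lint_policy(xml_text, rest_profile_id="REST-GetCRMData"):
    """Return a list of findings; an empty list means the checks passed."""
    findings = []
    # Step 2: every placeholder tenant reference must be replaced.
    hits = xml_text.count(PLACEHOLDER)
    if hits:
        findings.append(f"{hits} reference(s) to {PLACEHOLDER} remain")
    # Notes section: list the marked sections so each one gets reviewed.
    for m in re.finditer(r"<!--(.*?)-->", xml_text, re.S):
        if "sample action required" in m.group(1).lower():
            findings.append("review marked section: " + m.group(1).strip())
    root = ET.fromstring(xml_text)
    profile = root.find(f".//tf:TechnicalProfile[@Id='{rest_profile_id}']", NS)
    if profile is None:
        findings.append(f"technical profile {rest_profile_id} not found")
        return findings
    meta = {i.get("Key"): (i.text or "").strip()
            for i in profile.findall("tf:Metadata/tf:Item", NS)}
    # Step 4: the claims API must be reached over TLS and must authenticate the caller.
    if not meta.get("ServiceUrl", "").lower().startswith("https://"):
        findings.append("ServiceUrl is missing or not https")
    if meta.get("AuthenticationType", "None") == "None":
        findings.append("AuthenticationType is None: B2C sends no credential to the REST API")
    return findings


if __name__ == "__main__":
    print("\n".join(lint_policy(SAMPLE_POLICY)))
```

Because the REST API's response is merged into the token sent to applications, an unauthenticated or plain-HTTP endpoint is the part of this flow most worth catching before upload.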

Notes

This sample policy is based on the SocialAndLocalAccountsWithMFA starter pack. However, any of the starter pack policies should work for this. All changes are marked with a 'Sample:' comment inside the policy XML files. Make the necessary changes in the 'Sample action required' sections.