0
votes

I am using Azure AD B2C for my web application's user identity requirements. I'm using an ASP.NET Core 2.0 Razor Pages project to build the web application.

If the user is not authenticated when trying to access a web page they are routed to the Azure AD B2C login page. They are then returned to my web app if successfully authenticated.

I am trying to get hold of the returned JWT token using this document https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-access-tokens

I keep getting the following error:

enter image description here

I am using the following code to retrieve the token.

    string url = $"https://login.microsoftonline.com/{this._options.Domain}/oauth2/v2.0/authorize?";
    string policy = this._options.SignUpSignInPolicyId;
    string clientid = this._options.ClientId;
    string grantType = "authorization_code";
    Random random = new Random();
    int nonce = random.Next();
    string redirectUri = WebUtility.UrlEncode("https://localhost:44315/");
    string scope = WebUtility.UrlEncode($"https://{this._options.Domain}/notes/openid");
    const string responseType = "code";

    string request =
        $"{url}p={policy}" +
        $"&client_id={clientid}" +
        $"&grant_type={grantType}" +
        $"&nonce={nonce}" +
        $"&redirect_uri={redirectUri}" +
        $"&scope={scope}" +
        $"&response_type={responseType}";

    var response = await GetData(request);
1
Hi @DomBurf. Can you please clarify whether you are building the authorization request up or the token request in the above code? – Chris Padgett
Hi, I am building the token request. – DomBurf
My ASP.NET Core 2.0 web app is using Azure AD B2C for identity signup / signin. I want to retrieve the JWT token that is returned when a user logs in. Any examples would be much appreciated. – DomBurf
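
The distinction raised in the comments above, shown as an added example that is not part of the original post: the authorization request and the token request are two separate messages, and `grant_type` belongs only to the second. The tenant, policy, client ID, scope and secret values are placeholders, and the token endpoint path is assumed to parallel the authorize path used in the question.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Security.Cryptography;
public static class B2CRequests
{
    // Placeholders (assumptions): substitute the values from your own B2C tenant.
    const string Tenant = "contoso.onmicrosoft.com";
    const string Policy = "B2C_1_signupsignin";
    const string ClientId = "00000000-0000-0000-0000-000000000000";
    const string RedirectUri = "https://localhost:44315/";
    const string Base = "https://login.microsoftonline.com/" + Tenant + "/oauth2/v2.0/";

    // state and nonce must be unpredictable: use a CSPRNG, not System.Random.
    public static string RandomToken()
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
        return Convert.ToBase64String(bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    }

    // Authorization request: browser redirect (GET); response_type=code, no grant_type.
    public static string AuthorizeUrl(string scope, string state, string nonce) =>
        Base + "authorize?p=" + Uri.EscapeDataString(Policy) +
        "&client_id=" + Uri.EscapeDataString(ClientId) +
        "&response_type=code" +
        "&redirect_uri=" + Uri.EscapeDataString(RedirectUri) +
        "&scope=" + Uri.EscapeDataString(scope) +
        "&state=" + state + "&nonce=" + nonce;

    // Token request: a server-side POST that redeems the code; grant_type belongs here.
    // The "token" path is an assumption mirroring the authorize path above.
    public static HttpRequestMessage TokenRequest(string code, string scope, string secret) =>
        new HttpRequestMessage(HttpMethod.Post, Base + "token?p=" + Uri.EscapeDataString(Policy))
        {
            Content = new FormUrlEncodedContent(new Dictionary<string, string>
            {
                ["grant_type"] = "authorization_code", ["code"] = code,
                ["client_id"] = ClientId, ["client_secret"] = secret,
                ["redirect_uri"] = RedirectUri, ["scope"] = scope,
            })
        };

    public static void Main()
    {
        Console.WriteLine(AuthorizeUrl("openid", RandomToken(), RandomToken()));
        var req = TokenRequest("<code from redirect>", "openid", "<client secret>");
        Console.WriteLine(req.Method + " " + req.RequestUri + "\n" + req.Content.ReadAsStringAsync().Result);
    }
}
```

On the redirect back, compare the returned `state` with the value that was sent before redeeming the code, and check the `nonce` claim in the returned ID token against the one in the request.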

1 Answer

2
votes

It would seem that the claims returned from Azure AD B2C are contained within the User.Claims object.

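// Requires: using System.Linq; using System.Security.Claims;
if (User.Identity.IsAuthenticated)
{
    // FirstOrDefault returns null when the claim is absent, so check before reading .Value.
    Claim emailClaim = User.Claims.FirstOrDefault(claim => claim.Type == "emails");
    Claim isNewClaim = User.Claims.FirstOrDefault(claim => claim.Type == "newUser");
}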