Azure AD B2C Configure Multiple Sign on Policies

1
votes

I would like to implement multiple sign up/sign in policies in Azure AD B2C similar to this question but I don't know how to configure my solution in Visual Studio to reference the different signup policies specified in the web.config file. Can anyone help please?

1
azureazure-ad-b2c
You could follow the second method in your link.SunnySun
Thanks Sunny, it's just that I would prefer to have separate logins for the different user types, similar to the demo in azure.microsoft.com/en-gb/resources/samples/…Benji Kok

1 Answers

0
votes

You can invoke a different policy for a different type of user by passing the requested policy from a controller method to the authentication middleware:

public IActionResult LogInForIndividualCustomer()
{
        return LogInFor(Constants.AuthenticationSchemes.B2COpenIdConnect, Constants.Policies.SignUpOrSignInWithPersonalAccount);
}

private IActionResult LogInFor(string authenticationScheme, string policy)
{
    if (!User.Identity.IsAuthenticated)
    {
        return new ChallengeResult(
            authenticationScheme,
            new AuthenticationProperties(
                new Dictionary<string, string>
                {
                    {Constants.AuthenticationProperties.Policy, policy}
                })
            {
                RedirectUri = Url.Action("LoggedIn", "Account", values: null, protocol: Request.Scheme)
            });
    }

    return RedirectToHome();
}

and then setting the redirection URL for the requested policy in the authentication middleware:

OnRedirectToIdentityProvider = async context =>
{
    var policy = context.Properties.Items.ContainsKey(Constants.AuthenticationProperties.Policy) ? context.Properties.Items[Constants.AuthenticationProperties.Policy] : Constants.Policies.SignUpOrSignInWithPersonalAccount;
    var configuration = await GetB2COpenIdConnectConfigurationAsync(context, policy);
    context.ProtocolMessage.IssuerAddress = configuration.AuthorizationEndpoint;
}