1
votes

We have a custom invitation flow, which receives a JWT in the id_token_hint parameter and extracts an email address from it.
That JWT has an expiry, and when a user clicks on an expired link, he is redirected to the login page.
Instead of redirecting the user to a login page, I want to intercept the error code that is returned from the invitation page in my application (using MSAL.js) and display an error message.
But the only form of "error code" that my application receives from the invitation page is this:

AADB2C90208: The provided id_token_hint parameter is expired. Please provide another token and try again. Correlation ID: e49dbe44-fc02-4379-86e5-12a1347d5cc3 Timestamp: 2019-08-27 08:00:53Z

In the local storage.

Now, my guess is that I rely on the code AADB2C90208 to know that I was redirected due to an invalid token, but I have some doubts.

  1. I can't find anything about that particular status code (AADB2C90208).
  2. The error message is in plain text, so I have to extract the code with some kind of string expression, which makes me think that this is not what Microsoft had intended.

What do you think?

1 Answer

2
votes

When an error code is specific, dependency can be taken on the error code. There are plans from AADB2C to publish the error codes soon.

You can use this sample code to see how to use error codes: https://github.com/Azure-Samples/active-directory-b2c-dotnet-webapp-and-webapi/blob/master/TaskWebApp/App_Start/Startup.Auth.cs#L87

Update

The error codes are documented here https://docs.microsoft.com/en-us/azure/active-directory-b2c/error-codes

For this specific case -

AADB2C90208 The provided id_token_hint parameter is expired. Please provide another token and try again.
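
One way to take a dependency on the code from the client side, as an added example that is not part of the original question or answer. The function names `parseB2CError` and `invitationErrorView` are hypothetical, and the `errorMessage` property is an assumed shape for the error object handed to the application; the sample string is the one quoted in the question.

```javascript
// Added example. SAMPLE is the error text quoted in the question.
const SAMPLE =
  "AADB2C90208: The provided id_token_hint parameter is expired. " +
  "Please provide another token and try again. " +
  "Correlation ID: e49dbe44-fc02-4379-86e5-12a1347d5cc3 " +
  "Timestamp: 2019-08-27 08:00:53Z";

const ID_TOKEN_HINT_EXPIRED = "AADB2C90208"; // code documented on the page

// Accepts either the raw description string or an error object that carries
// it in `errorMessage` (assumed shape, not confirmed by the page).
function parseB2CError(err) {
  const text = typeof err === "string" ? err : (err && err.errorMessage) || "";
  // Anchor at the start: a code that merely appears later in the text
  // (for example inside echoed input) must not be treated as the error code.
  const head = /^\s*(AADB2C\d+):\s*/.exec(text);
  if (!head) return null;
  const corr = /Correlation ID:\s*([0-9a-fA-F-]{36})/.exec(text);
  const ts = /Timestamp:\s*(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}Z)/.exec(text);
  const message = text.slice(head[0].length).split(/\s*Correlation ID:/)[0].trim();
  return {
    code: head[1],
    message,
    correlationId: corr ? corr[1] : null,
    timestamp: ts ? ts[1] : null,
  };
}

// Map the parsed code to fixed UI text. The raw description arrives via the
// redirect, so only fixed strings are returned for display; the correlation
// ID is kept as a reference for support.
function invitationErrorView(err) {
  const parsed = parseB2CError(err);
  if (!parsed) return { kind: "unknown", text: "Sign-in failed." };
  if (parsed.code === ID_TOKEN_HINT_EXPIRED) {
    return {
      kind: "invitation-expired",
      text: "This invitation link has expired. Ask for a new invitation.",
      supportRef: parsed.correlationId,
    };
  }
  return { kind: "b2c-error", text: "Sign-in failed.", supportRef: parsed.correlationId };
}
```

Comparing the parsed code for equality, rather than searching the whole description for a substring, keeps the branch from firing on text that only mentions the code.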