0
votes

I would like to test an authorized endpoint of a locally running web API with Postman, using AAD B2C with a Microsoft account as the identity provider. The web API is running well and I can authenticate from client apps (Web App and UWP app), but I am not able to test it with Postman because I can't get a token. Without authorization, Postman works well.

I am using the following guideline: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/azure-ad-b2c-webapi?view=aspnetcore-3.0

Postman's error message: [image]

Postman's settings: [image]

AAD B2C Applications: [image]

AAD B2C Postman App properties: [image]

AAD B2C Postman App API access: [image]

Can you give me any idea what's missing?


1 Answer

1
votes

I can repro your issue. Based on your capture, the Auth URL in the Postman settings (pic 2) uses the host https://login.microsoftonline.com, which will cause a redirect URI issue when using the MSA identity provider.

To solve this issue, you should use this host: https://{your-tenant-name}.b2clogin.com.

For details, see this official doc:

When you set up an identity provider for sign-up and sign-in in your Azure Active Directory B2C (Azure AD B2C) application, you need to specify a redirect URL. You should no longer reference login.microsoftonline.com in your applications and APIs. Instead, use b2clogin.com for all new applications, and migrate existing applications from login.microsoftonline.com to b2clogin.com.

Hope it helps.
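
The host change described in the answer above, as an added example that is not part of the original answer: a small Node.js helper that rewrites a legacy `login.microsoftonline.com` B2C endpoint (policy in `?p=` or after a `tfp/` prefix) to the `b2clogin.com` form before it goes into Postman's Auth URL or Access Token URL. The tenant `contoso` and policy `B2C_1_susi` are constructed placeholders, and the helper assumes the tenant appears in the URL as `<name>.onmicrosoft.com`.

```javascript
// Added example: rewrite a legacy Azure AD B2C endpoint URL to the b2clogin.com host.
// "contoso" and "B2C_1_susi" in the sample call are constructed placeholders.
const LEGACY_HOST = "login.microsoftonline.com";

function toB2cLoginUrl(endpoint) {
  const url = new URL(endpoint);
  if (url.protocol !== "https:") throw new Error("endpoint must use https");
  // Already on the recommended host: nothing to do.
  if (url.hostname.endsWith(".b2clogin.com")) return url.toString();
  if (url.hostname !== LEGACY_HOST) {
    throw new Error(`unexpected host: ${url.hostname}`);
  }

  const segments = url.pathname.split("/").filter(Boolean);
  // Legacy URLs may carry a "tfp" prefix before the tenant segment.
  if (segments[0] && segments[0].toLowerCase() === "tfp") segments.shift();

  const tenantDomain = segments.shift();
  const match = /^([a-z0-9-]+)\.onmicrosoft\.com$/i.exec(tenantDomain || "");
  if (!match) throw new Error("tenant must be given as <name>.onmicrosoft.com");

  // The policy is either the next path segment or the "p" query parameter.
  let policy;
  if (segments[0] && /^b2c_1/i.test(segments[0])) {
    policy = segments.shift();
  } else {
    policy = url.searchParams.get("p");
    url.searchParams.delete("p");
  }
  if (!policy) throw new Error("no B2C policy found in path or ?p=");

  url.hostname = `${match[1].toLowerCase()}.b2clogin.com`;
  url.pathname = "/" + [tenantDomain, policy, ...segments].join("/");
  return url.toString();
}

// Constructed sample: a legacy Auth URL as it might be typed into Postman.
console.log(toB2cLoginUrl(
  "https://login.microsoftonline.com/contoso.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_susi"
));
```

Run the same function over the Access Token URL as well, so both Postman fields point at the same host.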