does the azure App Service Authentication module suport azure aad b2c?

2
votes

I have a UWP app that needs a backend. I want to use azure app service and need set an authentication for the background. The App Service Authentication module can easily set and Authentication for the app.

I wish to use AAD B2C, but the App Service authentication module say that it does not support aad 2.0/msal. So, does the App Service Authentication module can support AAD B2C?

And, how can I verify the AAD B2C token signature on the webservice? Microsoft doc said can use some library to verify the AAD B2C token signature, can msal be used to Verify the AAD B2C token signature on a asp.net core web service?

1
azureuwpazure-active-directoryazure-web-app-servicemsal

1 Answers

2
votes

does the App Service Authentication module can support AAD B2C?

Yes, App Service easy auth supports AAD B2C, you can configure it under Advanced management mode.

enter image description here

Set the Client ID to be the Application Client ID from Azure AD B2C tenant.

Set the Issue URL to be the Metadata Endpoint for the policy.

https://tonyb2ctest.b2clogin.com/tonyb2ctest.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_testsignupin

Note: don't forget to set the reply url in azure ad tenant application https://XXX.azurewebsites.net/.auth/login/aad/callback

how can I verify the AAD B2C token signature on the webservice?

Many open-source libraries are available for validating JWTs, it doesn't matter with Azure App service.