I have a front-end Angular application and need to authenticate API calls using Azure AD B2C. My front-end SPA app is registered as a public client, and I want to authenticate and acquire tokens for API access without requiring the user to log in. I have tried different approaches but it's not working; as it's a public client, we cannot use the client credentials flow or OAuth flow, as it cannot securely store creds.
I have already implemented the user authentication via the Angular frontend using B2C, and it works fine.
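    import { BrowserCacheLocation, Configuration, LogLevel } from "@azure/msal-browser";

    // b2cConfigs and isIE are defined elsewhere in the application.
    export const msalConfig: Configuration = {
      auth: {
        clientId: "",            // value removed in the post
        authority: "",           // value removed in the post
        knownAuthorities: [""],  // MSAL expects an array of authority domains
        redirectUri: "",
        postLogoutRedirectUri: b2cConfigs.logoutRedirectUri,
      },
      cache: {
        cacheLocation: BrowserCacheLocation.LocalStorage,
        storeAuthStateInCookie: isIE,
      },
      system: {
        loggerOptions: {
          // No-op logger callback; PII logging stays disabled.
          loggerCallback(logLevel: LogLevel, message: string) {},
          logLevel: LogLevel.Verbose,
          piiLoggingEnabled: false,
        },
      },
    };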
I am trying to authenticate a few APIs without user authentication from my front-end application, which is a public client.
Tried the below ways already:
Checked if we will get any token after MSAL is initialized using the default scope: Result: If we try to fetch a token without an active account, it will error out with the message: "No active account found." This confirms that an active user session is required for token acquisition.
Tried assigning Application Permissions for the SPA to allow backend API access: Result: Not supported for SPAs, as they are public clients and cannot use the client credentials flow. This is because SPAs cannot securely store secrets.
Assigned Delegated Permissions instead of Application Permissions: Result: It requires an active account to acquire an access token. It needs an authenticated user for this to work.
Tried using the default scope and client credentials from the frontend: Result: Public clients (like SPAs) do not support the client credentials flow, so this approach does not work.
Proof Key for Code Exchange (PKCE): Result: It requires a user login to obtain an authorization code. It relies on the user's active session to authenticate and acquire a token.
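Copyright notice: the title of this article is "authentication - Authenticating API Calls from Front-End Angular Application Using Azure AD B2C (Without User auth) - Stack Over". The content is contributed by users and the views expressed are the author's own. For reprints, contact the author and cite the source: http://www.betaflare.com/web/1741597854a2387518.html. This site only provides information storage space, holds no ownership and bears no related legal liability. If content on this site is found to be suspected of plagiarism, infringement or violation of laws or regulations, it will be removed immediately once verified.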