I'm trying to Federate from one ADB2C tenant to another ADB2C tenant.
I'm following the doc:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-azure-ad-b2c?pivots=b2c-custom-policy
The identity provider tenant has a restriction that the authorization endpoint will work only if the authorization endpoint contains a list of specific query parameters. However, since the authorize endpoint is self constructed in ADB2C using Well-known openid config, I'm not sure how I would be able to add the query params to the authorize endpoint.
I tried to add the query params as Item Key as follows which isn't working:
I also tried to add the query params directly to Metadata which says incorrect xml format. Example:
Both of the above approaches aren't working. I'm thinking of using OAuth2 Protocol provider and test if I could do something with it. But I doubt that's even possible. Does anyone else have a solution for this?
asked Mar 10 at 16:00 by TheGreatApe
Comment: Can you use the "state" parameter? It can be a string of any content. Please see this link for more info: learn.microsoft.com/en-us/azure/active-directory-b2c/… – SoftwareDveloper, commented Mar 10 at 17:49
1 Answer
You can add additional query string parameters to the /authorize request by adding them as additional input parameters to the OpenID Connect technical profile:
<InputClaims>
<InputClaim ClaimTypeReferenceId="domain_hint" DefaultValue="contoso" />
</InputClaims>
You can do the usual InputClaims things of mapping to claims that already have values or setting the name of the query string parameter as something separate to the name of the claim:
<!-- domainHint has been pre-populated, e.g. based on user's email domain -->
<InputClaims>
<InputClaim ClaimTypeReferenceId="domainHint" PartnerClaimType="domain_hint" />
</InputClaims>
Your metadata XML issue is something slightly separate. There you need to escape the ampersands:
<Item Key="METADATA">{base-path}/.well-known/openid-configuration?query_1=value&amp;query2=value&amp;query_3=value</Item>
Though unless you need to pass fixed query string parameters to the OIDC metadata endpoint there's no need to do that at all.
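A local pre-upload check for the two points in the answer above, as an added example that is not part of the original answer: it shows that a raw ampersand in the METADATA item makes the policy XML malformed while `&amp;` parses back to a plain `&`, and it lists the query string parameters the InputClaims would add. The profile Id, host name and claim names are constructed placeholders, and the naming rule (PartnerClaimType if set, otherwise ClaimTypeReferenceId) is assumed from the answer's description.

```python
import xml.etree.ElementTree as ET
from urllib.parse import parse_qsl, urlsplit

# Constructed technical profile fragment; the Id, host and claim names are placeholders.
TEMPLATE = """
<TechnicalProfile Id="IdpTenant-OpenIdConnect">
  <Protocol Name="OpenIdConnect" />
  <Metadata>
    <Item Key="METADATA">https://idp.example/.well-known/openid-configuration?query_1=value{AMP}query2=value</Item>
  </Metadata>
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="domain_hint" DefaultValue="contoso" />
    <InputClaim ClaimTypeReferenceId="signInName" PartnerClaimType="login_hint" />
  </InputClaims>
</TechnicalProfile>
"""
RAW_AMPERSAND = TEMPLATE.replace("{AMP}", "&")   # the form reported as incorrect XML
ESCAPED = TEMPLATE.replace("{AMP}", "&amp;")     # well-formed XML


def lint_profile(xml_text):
    """Return (metadata_query, authorize_params); raise ValueError if the XML is malformed."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ValueError(f"policy XML is not well-formed: {exc}") from exc

    # The parser decodes &amp; back to &, so the resulting URL carries plain ampersands.
    metadata_url = root.findtext("Metadata/Item[@Key='METADATA']", default="")
    metadata_query = parse_qsl(urlsplit(metadata_url).query)

    authorize_params = {}
    for claim in root.findall("InputClaims/InputClaim"):
        # Parameter name: PartnerClaimType when present, otherwise the claim type id.
        name = claim.get("PartnerClaimType") or claim.get("ClaimTypeReferenceId")
        # Fixed value from DefaultValue; None means the claim is resolved at sign-in time.
        authorize_params[name] = claim.get("DefaultValue")
    return metadata_query, authorize_params


if __name__ == "__main__":
    for label, text in (("raw &", RAW_AMPERSAND), ("&amp;", ESCAPED)):
        try:
            print(label, "->", lint_profile(text))
        except ValueError as err:
            print(label, "->", err)
```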
Original title: oauth 2.0 - How To Add Query Params in ADB2C to ADB2C Federated Authentication Using OIDC protocol - Stack Overflow