
Azure AD B2C login not working when app is pushed to Azure service

I have an ASP.NET Core web app using Azure AD B2C for login. When I test it locally using the reply URL http://localhost:54678/ in both the app and the settings in the Azure portal, it works fine: I can log in and the user is authenticated with no problem. But once I update the reply URLs to the URL of the app, which is https://musdqapp.com, I start getting an error of:

message=Correlation failed

This is how I have set up the OpenIdConnectOptions:

    app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions()
    {
        Authority = "https://login.microsoftonline.com/tfp" + "/ticketfortb2c.onmicrosoft.com" + "/B2C_1_ticket-fort" + "/v2.0",
        ClientId = "client_is", // the id of the b2c application
        ClientSecret = "secret",
        ResponseType = OpenIdConnectResponseType.IdToken,
        UseTokenLifetime = true,
        PostLogoutRedirectUri = "https://musdqapp.com/",
        Events = new OpenIdConnectEvents()
        {
            OnTokenValidated = SecurityTokenValidated,
            OnRemoteFailure = OnRemoteFailure
        }
    });

And on the Azure portal I have the reply URL of the B2C app set to https://musdqapp.com/signin-oidc.

lagfvu asked Aug 22 '17 11:08




1 Answer

The reply URL must be https://musdqapp.com/ without the "signin-oidc". Reply URL and Redirect URI should match.

See this blog post for more information.

Joel Guerra answered Sep 29 '22 05:09
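To check the match the answer describes, the following added example (not part of the original question or answer) pulls the redirect_uri out of a captured authorization request and reports, component by component, how it differs from each registered reply URL. The captured request, the `idp.example` host and all function names are constructed for illustration, and exact string comparison by the identity provider is an assumption.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample: an authorization request as it might be copied from the
# browser's address bar, plus two reply URLs registered in the portal.
SAMPLE_REQUEST = ("https://idp.example/authorize?client_id=placeholder"
                  "&response_type=id_token"
                  "&redirect_uri=http%3A%2F%2Fmusdqapp.com%2Fsignin-oidc")
REGISTERED = ["https://musdqapp.com/signin-oidc", "https://musdqapp.com/"]

SPELLING_ONLY = "same components, different spelling (letter case)"


def requested_redirect_uri(authorize_url):
    """Return the decoded redirect_uri parameter of an authorization request."""
    values = parse_qs(urlsplit(authorize_url).query).get("redirect_uri")
    if not values or len(values) != 1:
        raise ValueError("expected exactly one redirect_uri parameter")
    return values[0]


def _parts(uri):
    u = urlsplit(uri)
    # u.port is None unless a port is written out, so ':443' shows as a difference.
    return {"scheme": u.scheme, "host": u.hostname or "", "port": u.port,
            "path": u.path, "query": u.query}


def diff_redirect(requested, registered):
    """List the components that differ; an empty list means an exact match."""
    if requested == registered:
        return []
    a, b = _parts(requested), _parts(registered)
    diffs = [f"{k}: sent {a[k]!r}, registered {b[k]!r}" for k in a if a[k] != b[k]]
    return diffs or [SPELLING_ONLY]


def check(authorize_url, registered_urls):
    """Return (sent redirect_uri, whether any registration matches, per-URL diffs)."""
    sent = requested_redirect_uri(authorize_url)
    report = {reg: diff_redirect(sent, reg) for reg in registered_urls}
    return sent, any(not d for d in report.values()), report


if __name__ == "__main__":
    sent, matched, report = check(SAMPLE_REQUEST, REGISTERED)
    print("sent:", sent, "| exact match registered:", matched)
    for reg, diffs in report.items():
        print(" ", reg, "->", diffs or "match")
```

A trailing slash or an http/https difference shows up as a `path` or `scheme` entry, which is usually the quickest way to see why a registration that looks right is not an exact match.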