I've successfully implemented MSAL JS for Azure AD B2C. The next step is to let the user edit their profile. I've created a new policy for Edit Profile. But how to redirect the user there? There are only login methods / acquire token methods. I've tried to set the authority to a different policy. It then does redirect to the right page, but then it starts complaining about errors in scopes, and it messes up the token locally.
    editProfile() {
        this.userAgentApp.authority = this.policyEditProfile;
        this.userAgentApp.loginRedirect();
    }
The ASP.NET code examples explicitly have an option to set the editProfile Policy ID: https://learn.microsoft.com/en-gb/azure/active-directory-b2c/active-directory-b2c-devquickstarts-web-dotnet-susi#update-code-to-use-your-tenant-and-policies
Feels like this is missing from MSAL.JS and I have to manually craft the URL, is that correct?
PKCE is supported by MSAL.
ADAL.NET used AuthenticationContext as the representation of your connection to the Security Token Service (STS) or authorization server, through an Authority. MSAL.NET is designed around client applications.
Sign-out with a redirect: MSAL.js provides a logout method in v1, and a logoutRedirect method in v2, that clears the cache in browser storage and redirects the window to the Azure AD sign-out page. After sign-out, Azure AD redirects back to the page that invoked logout by default.
Yes, this is correct. You will need to use a different authority, whose URL is composed of the tenant and the policy name, as shown here:
    private static string Tenant = "yourTenant.onmicrosoft.com";
    public static string PolicySignUpSignIn = "b2c_1_susi";
    public static string PolicyEditProfile = "b2c_1_edit_profile";
    private static string BaseAuthority = "https://login.microsoftonline.com/tfp/{tenant}/{policy}/oauth2/v2.0/authorize";
    public static string Authority = BaseAuthority.Replace("{tenant}", Tenant).Replace("{policy}", PolicySignUpSignIn);
    public static string AuthorityEditProfile = BaseAuthority.Replace("{tenant}", Tenant).Replace("{policy}", PolicyEditProfile);
BTW, that sample, although for .NET Desktop, shows how to use the edit profile and password reset policies: active-directory-b2c-dotnet-desktop. See in particular the EditProfileButton_Click method; the fact of acquiring the token (interactively) will trigger the dialog to edit the profile:
    AuthenticationResult authResult = await App.PublicClientApp.AcquireTokenAsync(
        App.ApiScopes,
        GetUserByPolicy(App.PublicClientApp.Users, App.PolicyEditProfile),
        UIBehavior.SelectAccount,
        string.Empty,
        null,
        App.AuthorityEditProfile);
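The authority composition from the answer above, as an added JavaScript example (not part of the original answer and not MSAL.js code). It builds the per-policy authority only from a fixed allow-list, so a policy or tenant name taken from untrusted input cannot steer the redirect elsewhere; the helper names and the two validation patterns are assumptions.

```javascript
// Added example: the helper names and the regexes are assumptions, not MSAL.js API.

// Template copied from the answer's C# BaseAuthority.
const BASE_AUTHORITY =
  "https://login.microsoftonline.com/tfp/{tenant}/{policy}/oauth2/v2.0/authorize";

// Values from the answer; the tenant is the answer's placeholder.
const TENANT = "yourTenant.onmicrosoft.com";
const POLICIES = Object.freeze({
  signUpSignIn: "b2c_1_susi",
  editProfile: "b2c_1_edit_profile",
});

// Assumed formats, deliberately strict: no "/", "?", "#", "." tricks in a policy name.
const TENANT_RE = /^[a-z0-9-]+\.onmicrosoft\.com$/i;
const POLICY_RE = /^b2c_1a?_[a-z0-9_]+$/i;

function buildAuthority(tenant, policy) {
  if (!TENANT_RE.test(tenant)) throw new Error("unexpected tenant: " + tenant);
  if (!POLICY_RE.test(policy)) throw new Error("unexpected policy: " + policy);

  const url = new URL(
    BASE_AUTHORITY.replace("{tenant}", tenant).replace("{policy}", policy)
  );

  // Defence in depth: re-parse and confirm host and path segments are the ones intended.
  const segments = url.pathname.split("/"); // ["", "tfp", tenant, policy, ...]
  if (
    url.origin !== "https://login.microsoftonline.com" ||
    segments[1] !== "tfp" ||
    segments[2] !== tenant ||
    segments[3] !== policy
  ) {
    throw new Error("authority did not parse as expected: " + url.href);
  }
  return url.href;
}

// Callers pick a policy by key; unknown keys (including "__proto__") are rejected.
function authorityFor(policyKey) {
  if (!Object.prototype.hasOwnProperty.call(POLICIES, policyKey)) {
    throw new Error("unknown policy key: " + policyKey);
  }
  return buildAuthority(TENANT, POLICIES[policyKey]);
}
```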