Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can we set custom headers on RESTful API calls in Azure Active Directory B2C custom policies?

Tags:

azure

azure-ad-b2c

I have successfully created an AAD B2C custom policy which makes a call to my application.

Similar to what can be found here:

Integrate REST API claims exchanges in your Azure AD B2C user journey as validation on user input

and here:

Secure your RESTful services using client certificates

<ClaimsProvider>
    <DisplayName>XYZ API</DisplayName>
    <TechnicalProfiles>
        <TechnicalProfile Id="XYZ">
            <DisplayName>XYZ</DisplayName>
            <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
            <Metadata>
                <Item Key="ServiceUrl">https://example.com/api/1.0/Users</Item>
                <Item Key="AuthenticationType">ClientCertificate</Item>
                <Item Key="SendClaimsIn">Body</Item>
            </Metadata>
            <CryptographicKeys>
              <Key Id="ClientCertificate" StorageReferenceId="B2C_1A_XYZRestClientCertificate" />
            </CryptographicKeys>
            <InputClaims>
                <InputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="givenName" />
                <InputClaim ClaimTypeReferenceId="surname" PartnerClaimType="surname" />
                <InputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="displayName" />
                <InputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="objectId" />
                <InputClaim ClaimTypeReferenceId="email" PartnerClaimType="email" />
                <InputClaim ClaimTypeReferenceId="otherMails" PartnerClaimType="otherMails" />
            </InputClaims>
            <OutputClaims>
            </OutputClaims>
            <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
        </TechnicalProfile>
    </TechnicalProfiles>
</ClaimsProvider>

Our app likes to use custom HTTP headers to track some information about the caller, such as a transaction id. Is it possible to add HTTP headers similar to claims? Something maybe like:

<InputHeaders>
    <InputHeader ClaimTypeReferenceId="objectId" HeaderName="transactionId" />
    <InputHeader Value="AzureB2C" HeaderName="callerName" />
</InputHeaders>
like image 601
fei0x Avatar asked Oct 29 '22 00:10

fei0x

1 Answers

Right now, it is not possible to split some claims between various places (e.g. body, headers, query string). I suggest you add a request for this feature at the Azure feedback portal for Azure Active Directory.

like image 189
Omer Iqbal Avatar answered Nov 09 '22 05:11

Omer Iqbal
Sign in to Comment

Related questions

How to migrate Azure Notification hub to Firebase Cloud Messaging?
Operation results in exceeding quota limits of Core. Maximum allowed: 4, Current in use: 0, Additional requested: 6
Azure AD B2C getting oauthConnection Error: Bad Request
Continuous deployment to Azure of ASP.NET Core app
How to create custom entity without inheriting from TableEntity or implementing ITableEntity
Custom policies in Azure AD B2C
Automatically changing Azure blob storage tier to cool?
Is it ok to await a collection of 1000 tasks in a .NET app? Or should batching be used?
Why do QueueClient.PeekBatch() and MessageReceiver.PeekBatch() not pull back the number of messages you specify
Getting error "Unable to check Directory Read access for appId" when trying to access Graph REST API programmatically from a .net application
Programmatically get Azure storage account properties
Publish to Azure in Visual Studio Community for Mac
Azure Functions - Application Insights - Custom Telemetry - EventSource instance already exists
Parse text in Azure Logic Apps
Cron expression which run on the last day of the every month
does anyone know if the cosmossdb emulator supports graph api for local dev - or just documentDb api
Azure Authentication in web API - role claims are missing after validation
How to rename index in Azure Search
Supporting the On-Behalf-of flow with managed service identities
Visual Studio Team Services Release/Deploy fails - "No package found with specified pattern"

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!