Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

how to get Facebook profile picture using Azure AD B2C

Tags:

facebook

azure-ad-b2c

msal

I am using MSAL.js and could successfully sign-in/sign-up users in Azure AD B2C using Facebook as identity provider. The problem is that after sign-in I cannot retrieve user's profile picture.

Azure AD B2C returns an object identifier which has no tie to user's Facebook id.

like image 773
armache Avatar asked Dec 30 '17 04:12

armache

1 Answers

Using custom policies, you can retrieve the picture field for the Facebook user and then issue a picture claim in the ID token, as follows.

1: Complete the Azure Active Directory B2C: Get started with custom policies steps with one of the social account policies such as the SocialAndLocalAccounts one.

2: Declare a "picture" claim in the extensions file:

<ClaimType Id="picture">
  <DisplayName>Picture</DisplayName>
  <DataType>string</DataType>
</ClaimType>

3: Add both the "picture" field to the "ClaimsEndpoint" metadata item and the "picture" output claim to the "Facebook-OAUTH" technical profile in the extensions policy:

<ClaimsProvider>
  <DisplayName>Facebook</DisplayName>
  <TechnicalProfiles>
    <TechnicalProfile Id="Facebook-OAUTH">
      <Metadata>
        <Item Key="client_id">facebook_clientid</Item>
        <Item Key="scope">email public_profile</Item>
        <Item Key="ClaimsEndpoint">https://graph.facebook.com/me?fields=id,first_name,last_name,name,email,picture</Item>
      </Metadata>
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="picture" PartnerClaimType="picture" />
      </OutputClaims>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>

4: Issue the "picture" claim in the sign-up or sign-in relying party policy:

<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="displayName" />
      <OutputClaim ClaimTypeReferenceId="givenName" />
      <OutputClaim ClaimTypeReferenceId="surname" />
      <OutputClaim ClaimTypeReferenceId="email" />
      <OutputClaim ClaimTypeReferenceId="picture" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub"/>
      <OutputClaim ClaimTypeReferenceId="identityProvider" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="sub" />
  </TechnicalProfile>
</RelyingParty>
like image 52
Chris Padgett Avatar answered Nov 15 '22 02:11

Chris Padgett
Sign in to Comment

Related questions

How to detect Facebook share success? with Javascript
Re-parsing a facebook HTML5 comments box
Facebook share button: how to implement
Facebook Graph high resolution photos
How to make my facebook app public
How to get a React Component reference to change its class using classList?
Are tfbnw.net email addresses suspicious for facebook login
PHP function to get Facebook status?
How to remove the "Facebook social plugin" text?
Browser and wget load JPEG differently?
How to know if my page is running in a facebook iframe or not
how to tell if user granted your permissions or not with FB.login
Getting facebook authentication running within the MeteorJS framework?
iOS Facebook SDK - get list of Friends connected with App
How can I add 'Follow us on facebook' button to an iOS app?
Facebook share on mobile device
Submit Facebook App for review before iOS App is released to public?
invalid key hash the key hash does not match any stored key hash
Facebook API to read bookmarked items
relation "account_emailaddress" does not exist - django error

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!