Trying to implement Azure Active Directory B2C gives me a 404 error

I'm trying to implement Azure Active Directory B2C in a new page I'm developing, but I'm getting this 404 - File or directory not found error trying to sign in from my page.

I made the tenant, registered my app, created my policies, the whole deal. I can test them from the Azure portal without much problem. However, I followed the directions in the official tutorial to implement the policies in my page, to no avail: I'm getting the mentioned 404 error, as if something's missing.
I even downloaded the code posted there and it works!

I tried comparing both codes but couldn't really see a difference. However, I'm pasting my code here hoping you could help me out with this.

WEB.CONFIG

<add key="ida:Tenant" value="PlataformaXXX.onmicrosoft.com" />
<add key="ida:ClientId" value="84d2a6e6-4cac-4c53-a5ff-XXXXXXXXXXXX" />
<add key="ida:AadInstance" value="https://login.microsoftonline.com/{0}/v2.0/.well-known/openid-configuration?p={1}" />
<add key="ida:RedirectUri" value="https://localhost:59744/" />
<add key="ida:SignUpPolicyId" value="B2C_1_Sign_Up" />
<add key="ida:SignInPolicyId" value="B2C_1_Sign_In" />
<add key="ida:UserProfilePolicyId" value="B2C_1_Edit" />

STARTUP.AUTH.CS

public partial class Startup
{
    // App config settings
    private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
    private static string aadInstance = ConfigurationManager.AppSettings["ida:AadInstance"];
    private static string tenant = ConfigurationManager.AppSettings["ida:Tenant"];
    private static string redirectUri = ConfigurationManager.AppSettings["ida:RedirectUri"];

    // B2C policy identifiers
    public static string SignUpPolicyId = ConfigurationManager.AppSettings["ida:SignUpPolicyId"];
    public static string SignInPolicyId = ConfigurationManager.AppSettings["ida:SignInPolicyId"];
    public static string ProfilePolicyId = ConfigurationManager.AppSettings["ida:UserProfilePolicyId"];

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions());

        // Configure OpenID Connect middleware for each policy
        app.UseOpenIdConnectAuthentication(CreateOptionsFromPolicy(SignUpPolicyId));
        app.UseOpenIdConnectAuthentication(CreateOptionsFromPolicy(ProfilePolicyId));
        app.UseOpenIdConnectAuthentication(CreateOptionsFromPolicy(SignInPolicyId));
    } ...

If any other chunk of code is needed, please tell me.

Really guys, any help will be very much appreciated.

Best regards, Toño.

Toño Pérez asked Sep 29 '16 16:09


3 Answers

Looks like your parameter ida:AadInstance is wrong. Should be:

https://{0}.b2clogin.com/{1}/v2.0/.well-known/openid-configuration?p={2}
{0}: tenantid
{1}: tenantid.onmicrosoft.com
{2}: policy name

If you'd like to keep login.microsoftonline.com, the URL has to be:

https://login.microsoftonline.com/tfp/{0}/{1}/v2.0/
{0}: tenantid.onmicrosoft.com
{1}: policy name

Regards, Konrad

Konrad Brunner answered Nov 14 '22 14:11


I was having the same issue as well. Some of the things you can check are:

  • Make sure the names of the policies in your web.config and in Azure AD are exactly the same, including the correct upper/lower case

  • Make sure the AadInstance has a trailing slash (/)

  • Make sure you have the latest version of the OWIN and Microsoft.IdentityModel.Protocol.Extensions libraries (suggest re-loading them from NuGet)

    • This last one is the issue that I had the hardest time finding. If the resulting URL in your browser contains 2 question marks, then this is the fix.

scottshelton answered Nov 14 '22 15:11
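
A configuration check covering the points raised in the two answers above (URL form, policy name case, trailing slash, a second question mark), as an added example that is not part of the original answers or of the tutorial's code. `B2CUrlCheck`, `Check` and `QueryValue` are hypothetical names, and the tenant `example` in the sample URLs is a placeholder.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

public static class B2CUrlCheck // hypothetical helper, not part of OWIN or the tutorial
{
    public static List<string> Check(string url, string configuredPolicy)
    {
        Uri uri;
        if (!Uri.TryCreate(url, UriKind.Absolute, out uri) || uri.Scheme != Uri.UriSchemeHttps)
            return new List<string> { "not an absolute https URL" };
        var problems = new List<string>();
        // Symptom from scottshelton's answer: a second '?' in the resulting URL.
        if (url.Count(c => c == '?') > 1)
            problems.Add("more than one '?' in the URL");
        string[] parts = uri.AbsolutePath.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
        bool tfp = parts.Length >= 3 && parts[0] == "tfp";
        // The policy is the ?p= value, or the path segment after /tfp/{tenant}/.
        string policy = tfp ? parts[2] : QueryValue(uri.Query, "p");
        if (policy == null)
            problems.Add("no policy name in the URL");
        else if (policy != configuredPolicy)
            problems.Add(string.Equals(policy, configuredPolicy, StringComparison.OrdinalIgnoreCase)
                ? "policy name differs only in upper/lower case" : "policy name does not match the configured one");
        // Per Konrad's answer, login.microsoftonline.com needs the /tfp/ form.
        if (uri.Host == "login.microsoftonline.com" && !tfp)
            problems.Add("login.microsoftonline.com without /tfp/");
        if (tfp && parts[parts.Length - 1] == "v2.0" && !uri.AbsolutePath.EndsWith("/", StringComparison.Ordinal))
            problems.Add("authority is missing its trailing slash");
        return problems;
    }
    // Returns the value of one query key; also splits on a stray second '?'.
    static string QueryValue(string query, string key)
    {
        foreach (string pair in query.TrimStart('?').Split('&', '?'))
            if (pair.StartsWith(key + "=", StringComparison.Ordinal))
                return Uri.UnescapeDataString(pair.Substring(key.Length + 1));
        return null;
    }
    public static void Main()
    {
        // Constructed URLs; "example" is a placeholder tenant name.
        foreach (string u in new[] {
            "https://login.microsoftonline.com/example.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_Sign_In",
            "https://example.b2clogin.com/example.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=b2c_1_sign_in",
            "https://login.microsoftonline.com/tfp/example.onmicrosoft.com/B2C_1_Sign_In/v2.0",
            "https://example.b2clogin.com/example.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_Sign_In?client_id=placeholder" })
            Console.WriteLine(u + " -> " + string.Join("; ", Check(u, "B2C_1_Sign_In")));
    }
}
```

Pass it the result of formatting `ida:AadInstance` with your tenant and policy, or the URL shown in the browser when the 404 appears.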


If you're trying to use .auth/me make sure your Store Token is enabled in Authentication Settings. Else it'll give you a 404. :)

Marcin answered Nov 14 '22 14:11