Using MSAL.js in SPA for Azure B2C Authentication - Pop up window an issue?

So I was thinking of using MSAL for authentication against the AZURE B2C Identity Provider, but from what I can see by looking at the code, MSAL is dependent on pop up windows for logins. (Please correct me if I'm wrong).

My question is, given that B2C sites are consumer facing, isn't the use of pop up windows highly discouraged, given that many of your potential site users may have pop up disabled? I'm having difficulty finding a good example of how to plug Azure B2C into an angular2 app without pop up windows.

Jim Taliadoros asked Aug 10 '17 11:08



1 Answer

You can actually use loginRedirect() instead of loginPopup(); however, Azure B2C does not yet support custom domains for the login page, so your users will be redirected to a variant of https://login.microsoftonline.com. This isn't terrible if you set up branding on your Azure AD tenant, but there is a bug where users may get a 400 error. (http 400: size of header request is too long when signing in user using Multifactor authentication)

Granville Schmidt answered Sep 19 '22 14:09
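The redirect-only flow the answer describes, as an added example that is not part of the original answer or of MSAL itself. It assumes an already initialized client object exposing the method names of the current @azure/msal-browser library (handleRedirectPromise, getAllAccounts, acquireTokenSilent, acquireTokenRedirect, loginRedirect), which postdates this 2017 thread; makeStubClient, the scopes and the token value are constructed so the flow runs offline.

```javascript
// Redirect-only sign-in: loginPopup() is never called, so popup blockers
// cannot interfere. `client` is assumed to be an MSAL client (see lead-in);
// `request` is e.g. { scopes: [...] } with placeholder scope values.
async function signInWithoutPopup(client, request) {
  // 1. On every page load, consume the response if the browser has just
  //    returned from the B2C login page. Resolves to null otherwise.
  const redirectResult = await client.handleRedirectPromise();
  if (redirectResult) {
    return { status: "signed-in", accessToken: redirectResult.accessToken };
  }

  // 2. No cached account: navigate the whole page to the login page.
  const accounts = client.getAllAccounts();
  if (accounts.length === 0) {
    await client.loginRedirect(request);
    return { status: "redirecting" };
  }

  // 3. Known account: renew silently, and fall back to a full-page
  //    redirect only when the server demands user interaction.
  const tokenRequest = { ...request, account: accounts[0] };
  try {
    const result = await client.acquireTokenSilent(tokenRequest);
    return { status: "signed-in", accessToken: result.accessToken };
  } catch (err) {
    if (err.name !== "InteractionRequiredAuthError") throw err;
    await client.acquireTokenRedirect(tokenRequest);
    return { status: "redirecting" };
  }
}

// Constructed stand-in for the MSAL client; records which calls were made.
function makeStubClient({ redirectResult = null, accounts = [], silentError = null } = {}) {
  const calls = [];
  return {
    calls,
    handleRedirectPromise: async () => redirectResult,
    getAllAccounts: () => accounts,
    loginPopup: async () => { calls.push("loginPopup"); },
    loginRedirect: async () => { calls.push("loginRedirect"); },
    acquireTokenRedirect: async () => { calls.push("acquireTokenRedirect"); },
    acquireTokenSilent: async () => {
      calls.push("acquireTokenSilent");
      if (silentError) throw silentError;
      return { accessToken: "constructed-token" };
    },
  };
}
```

In a real page this function runs once at startup, before the app renders anything that needs a token, because a "redirecting" result means the page is about to be unloaded.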