DEVHIDE
Login Or Sign up

How to authorize client application in Azure AD B2C

264 Views Asked by At

Previously, we were using a registered app in Azure AD, but we want to switch over to Azure AD B2C now because it provides more identity provider options. The issue is that under "Expose an API" in my Azure AD app registration, there is a section "Authorized client applications" where you can specify the client id of a client application that you trust. However, in my B2C app registration, there is no "Authorized client applications" section under "Expose an API".

In Azure AD, I authorized client application with ID d3590ed6-52b3-4102-aeff-aad2292ab01c (Microsoft Office) and since I cannot do this the same way with Azure AD B2C, I am getting this error:

enter image description here

Any help on how I can solve this issue and authorize this client id in B2C would be appreciated, thank you.

I was expecting to find the option to authorize client applications in the same place, but perhaps it looks different in B2C.

azure-ad-b2c authorize clientid
Original Q&A
1

There are 1 best solutions below

0
Rukmini On

Note that: The "Authorized client applications" section under Expose an API is only available in Azure AD but not in Azure AD B2C and this is by design.

You can access the ServerApp API using ClientApp in Azure AD B2C like below:

Create an ServerApp, Expose and API and add scope:

enter image description here

Create an ClientApp and add this scope and grant Admin Consent:

enter image description here

Now, authorize users to access ServerApp API using the below endpoint:

https://rukkb2c.b2clogin.com/rukkb2c.onmicrosoft.com/B2C_1_testrukpolicy/oauth2/v2.0/authorize?
&client_id=ClientID
&response_type=code
&redirect_uri=https://jwt.ms
&response_mode=query
&scope=https://rukkb2c.onmicrosoft.com/ClientID/access_as_user
&state=12345

enter image description here

I generated access token using below parameters via Postman:

https://rukkb2c.b2clogin.com/rukkb2c.onmicrosoft.com/B2C_1_testrukpolicy/oauth2/v2.0/token

client_id:ClientID
grant_type:authorization_code
scope:https://rukkb2c.onmicrosoft.com/ClientID/access_as_user
code:code
redirect_uri:https://jwt.ms
client_secret:ClientSecret

enter image description here

References:

In Azure why can I not see a "Authorized client applications" section on the "Expose an API" page of an app registration - Stack Overflow by Carl Zhao

Request an access token in Azure Active Directory B2C

Related Questions in AZURE-AD-B2C

Related Questions in AUTHORIZE

Related Questions in CLIENTID

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.