Azure-Samples / active-directory-dotnet-webapp-webapi-openidconnect-aspnetcore

An ASP.NET Core web application that authenticates Azure AD users and calls a web API using OAuth 2.0 access tokens.

Azure B2C AD #26

Closed BrianLytle closed 4 years ago

BrianLytle commented 6 years ago

Not an issue, just a question... Any chance you have a version of this using B2C? I have been trying to modify your code to use B2C but I am not having any luck.

cecilphillip commented 6 years ago

@BrianLytle Is this what you're looking for? https://github.com/Azure-Samples/active-directory-b2c-dotnetcore-webapi

JimBobSquarePants commented 6 years ago

@cecilphillip That linked repo only covers half the requirements. The WebApp portion of this sample appears to require configuration values that simply are not available within B2C, e.g. TenantId.

jmprieur commented 6 years ago
parakhj commented 6 years ago

@JimBobSquarePants could you elaborate on what you are looking to do? Is it a .net core web app and web api?

TenantID is just the name of your Azure AD B2C tenant

JimBobSquarePants commented 6 years ago

> TenantID is just the name of your Azure AD B2C tenant

@parakhj The name?

The configuration sample in this repository requires a guid according to the inline documentation.

https://github.com/Azure-Samples/active-directory-dotnet-webapp-webapi-openidconnect-aspnetcore/blob/9d36002c83310198fade0715d4f49c20f97bdd17/TodoListWebApp/appsettings.json#L6

There's no equivalent setting in the B2C example I found, only the Tenant property, which is equivalent to the Domain property in the default template generated by Visual Studio.

https://github.com/Azure-Samples/active-directory-b2c-dotnetcore-webapp/blob/85effe880ef7a580b71ad59a7be24a4291634e87/WebApp-OpenIDConnect-DotNet/appsettings.json#L5

Gathering the correct information to put together a working example utilizing implicit flow is far more difficult than it should be. The documentation references sample applications that have been customized from the default templates and those samples are poorly named, incomplete, with many open issues.

I'm essentially looking for something that should be simple:

A complete, well-architected (e.g. reusable, easily overridable), well-documented example of configuring a .NET Core WebApp to be able to authenticate against one or many separate WebAPIs. (All the distributed examples in either .NET Framework or .NET Core link to a single Web API endpoint only, which does not reflect larger distributed applications.)

There are simply too many idiosyncrasies to navigate properly without these complete examples.

Take for example, using the ConfidentialClientApplication class to acquire a token requires the full tenant redirect URL in its constructor, whereas OpenIdConnectOptions.CallbackPath only requires the path segment of the URI.

jmprieur commented 6 years ago

Thanks for your feedback @JimBobSquarePants. We need to do more work indeed. BTW you are expecting to use MSAL.NET (ConfidentialClientApplication) whereas this sample uses ADAL.NET.

Do I understand correctly, that you would like to have a good (reusable, easily overridable) sample:

Did you see this sample: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2, which is about signing users in a Web App (it's rather new), but does not show how to call a Web API (we have plans to add that sample)

JimBobSquarePants commented 6 years ago

Thanks @jmprieur, I appreciate your swift reply.

I hadn't seen that sample as I've been specifically looking for B2C as it has fewer restrictions on account source. (I don't want to restrict users to MS or AD accounts in my use case.) I will have a good read through the source though.

I would also expect to use MSAL since it essentially obsoletes ADAL as far as I understand it.

That feature request is almost correct, apologies if I've caused confusion.

I hope that all makes sense.

TiagoBrenck commented 4 years ago

Closing as we are archiving this sample.

The newer one can be found at: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/4-WebApp-your-API