Closed munkii closed 7 months ago
We now have this working.
Our custom policies were missing the 'Endpoint' element in the Relying Party file for our B2C signup/signin custom policy. This meant that any extension claims were not being issued with the access tokens when our refresh token redemption journey ran.
We worked this out by following the comment thread of this answer in StackOverflow
See EndPoints element, https://learn.microsoft.com/en-gb/azure/active-directory-b2c/relyingparty#endpoints
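A check for the misconfiguration described in the resolution above, as an added example that is not from the thread or from MSAL. It assumes the refresh token journey is wired through `<Endpoint Id="Token" UserJourneyReferenceId="...">` as in the linked Microsoft documentation; the journey name `RedeemRefreshToken` and all sample policies are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"p": "http://schemas.microsoft.com/online/cpim/schemas/2013/06"}
XMLNS = 'xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"'

# Constructed sample policies (not the poster's files).
RP_MISSING = f"""<TrustFrameworkPolicy {XMLNS}>
  <RelyingParty>
    <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  </RelyingParty>
</TrustFrameworkPolicy>"""

RP_FIXED = f"""<TrustFrameworkPolicy {XMLNS}>
  <RelyingParty>
    <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
    <Endpoints>
      <Endpoint Id="Token" UserJourneyReferenceId="RedeemRefreshToken" />
    </Endpoints>
  </RelyingParty>
</TrustFrameworkPolicy>"""

EXTENSIONS = f"""<TrustFrameworkPolicy {XMLNS}>
  <UserJourneys>
    <UserJourney Id="RedeemRefreshToken" />
  </UserJourneys>
</TrustFrameworkPolicy>"""

def token_endpoint_journey(rp_xml):
    """Journey referenced by the RelyingParty Token endpoint, or None."""
    root = ET.fromstring(rp_xml)
    for ep in root.findall("p:RelyingParty/p:Endpoints/p:Endpoint", NS):
        if ep.get("Id") == "Token":
            return ep.get("UserJourneyReferenceId")
    return None

def defined_journeys(*policies):
    """Ids of every UserJourney declared across the supplied policy files."""
    found = set()
    for doc in policies:
        root = ET.fromstring(doc)
        found |= {j.get("Id") for j in root.findall("p:UserJourneys/p:UserJourney", NS)}
    return found

def lint(rp_xml, *parent_policies):
    """Report whether the relying party file wires up a resolvable Token endpoint."""
    journey = token_endpoint_journey(rp_xml)
    if journey is None:
        return "missing: RelyingParty has no Token endpoint"
    if journey not in defined_journeys(rp_xml, *parent_policies):
        return f"dangling: journey {journey} is not defined"
    return "ok"
```

Running `lint` over each relying party file together with its base and extensions files flags the case from this issue before deployment, and also catches a Token endpoint that points at a journey none of the supplied files define.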
Thank you so much for following up with the resolution @munkii
Library version used
4.36.1
.NET version
netstandard2.1 Xamarin.Forms 5.0.0.2622
Scenario
PublicClient - mobile app
Is this a new or an existing app?
The app is in production, I haven't upgraded MSAL, but started seeing this issue
Issue description and reproduction steps
We have a custom extension attribute defined as part of our B2C custom policies. We read that extension attribute from the IAuthenticationResult.IdToken and store that on the mobile device in Preferences store.
If that custom attribute is updated after an initial authentication we would expect the new attribute values to appear in the IdToken after a RefreshToken is used to get a new AccessToken.
However that is not the case and we do not see the updated claims until the user logs out then logs in again. I have heard others mention this problem with other MSAL platforms and was wondering if it was supposed to work with Identity.Client in Xamarin.
Relevant code snippets
Expected behavior
I would expect to see the updated value of extension_clinic to be reflected in the new token. I can see the token getting updated based on the debug statement
(result.ExpiresOn - DateTimeOffset.UtcNow).TotalMinutes + " minutes")
Identity provider
Azure B2C Custom Policy
Regression
No response
Solution and workarounds
No response