Closed smileyiori closed 7 months ago
I don't follow, UseOpenIdConnectAuthentication doesn't support refresh tokens, that must be handled at a higher layer.
Hi @Tratcher thanks for answering. My question is, if I only use Azure AD B2C I can see the token being refreshed, because it goes to the right URL to get a new token. But you mentioned that should be handled at higher layer, how would I do that?
Azure AD B2C is the higher layer I'm talking about, that's extended functionality beyond what's offered by the Microsoft.Owin components here. You need to ask AzureAd about their components.
Closing as external
Hi, currently I have a ASP.NET MVC 5 application where it is using two type of authentication (AD B2C and AAD). In this app, authentication and authorization work well except when it comes with refresh token. I have identified that the last registered authentication type is setting the default configuration for refresh token. For example, if I register AD B2C first and after AAD, when AD B2C tries to refresh token, it redirects to AAD instead of AD B2C and vice versa.
FYI: If I only have AD B2C registered, the refresh token goes to AD B2C and gets refreshed.
Here is my code:
In the Controller, I am using this to authenticate:
Am I doing anything wrong on this? Is something related to the cookies?