Closed codepic closed 1 year ago
Turns out I need to:
1. SPA Application Registration in B2C App Registrations
2. API Permissions
3. Add a permission
4. My APIs tab
5. B2C API application registration from the list
6. Add permissions
If the API permissions listed in scopes of the request in tenant.jsx are not mapped to the application (clientId) requesting the access token, the token endpoint will not return an access token. Nor will any error be produced.
Sorry for your troubles and thanks for your comments. Your solution is correct, though seems to be missing one more step: Grant admin consent for B2C...: in B2C all API scopes have to be pre-consented by the administrator, you cannot ask for them at run-time and have the user consent then (like you can in AAD enterprise). Therefore, in B2C you have to assign API permissions to the client through the portal and consent to them before requesting tokens at runtime. I have added some more details to the documentation.
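The silent failure discussed in this thread (an id_token comes back, no access_token, and no error) can be caught in the SPA before the API call is attempted. The following is an added example, not code from the sample repository; checkTokenResponse and the scope URIs are hypothetical, and the field names are the standard OAuth 2.0 / OpenID Connect token-response fields.

```javascript
// Added example: checkTokenResponse and all sample values are hypothetical.
// Scopes defined by OpenID Connect for sign-in; alone they never produce
// an access token for a custom API.
const OIDC_SCOPES = new Set(["openid", "profile", "email", "offline_access"]);

// Compare a parsed token-endpoint response with the scopes the SPA requested,
// so a missing access_token is reported instead of failing later at the API.
function checkTokenResponse(requestedScopes, response) {
  const apiScopes = requestedScopes.filter((s) => !OIDC_SCOPES.has(s));
  const problems = [];
  if (apiScopes.length === 0) {
    problems.push("request contained no API scopes, only OIDC scopes");
  }
  if (!response.access_token) {
    problems.push("no access_token in response" +
      (response.id_token ? " (id_token only)" : ""));
  }
  // "scope" is a space-separated list; RFC 6749 allows the server to omit it
  // when the granted scopes are identical to the requested ones.
  const granted = typeof response.scope === "string"
    ? new Set(response.scope.split(/\s+/).filter(Boolean))
    : new Set(apiScopes);
  const missingScopes = response.access_token
    ? apiScopes.filter((s) => !granted.has(s))
    : apiScopes;
  if (response.access_token && missingScopes.length > 0) {
    problems.push("access_token issued without: " + missingScopes.join(", "));
  }
  return { ok: problems.length === 0, problems, missingScopes };
}

// Constructed sample data: scope URI and token values are placeholders.
const requested = ["openid", "https://contoso.example/api/Members.Read"];
const idTokenOnly = { id_token: "eyJ...", token_type: "Bearer" };
const full = {
  id_token: "eyJ...",
  access_token: "eyJ...",
  token_type: "Bearer",
  scope: "https://contoso.example/api/Members.Read",
};

console.log(checkTokenResponse(requested, idTokenOnly));
console.log(checkTokenResponse(requested, full));
```

A result with ok set to false and "(id_token only)" in problems points at the portal configuration described above: the API permission is not assigned to the client, or admin consent has not been granted.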
I have tried my best to follow the instructions in MultiTenant Sample and I can log in to the SPA application but cannot get the members.
My guess is that the issue lies in the App registrations in the B2C. Could you share more details on how to configure the app registrations? More specifically how the API Permissions, Certificates and Secrets and Authentication sections are configured in the demo application?
The issue is that when I go to members, the /b2c_1a_v2signin/oauth2/v2.0/token token endpoint returns only id_token. Therefore the API request /tenant/oauth2/members fails.
Below is the request for sample React SPA application
And below the response (with tokens truncated...):
Request with our application:
and the response: