Open nmowatt opened 1 year ago
Here is my working configuration:
AzureADB2C({
  issuer: `https://${B2C_TENANT}.b2clogin.com/${B2C_TENANT_ID}/v2.0/`,
  wellKnown: `https://${B2C_TENANT}.b2clogin.com/${B2C_TENANT}.onmicrosoft.com/${B2C_POLICY}/v2.0/.well-known/openid-configuration`,
  authorization: {
    url: `https://${B2C_TENANT}.b2clogin.com/${B2C_TENANT}.onmicrosoft.com/${B2C_POLICY}/oauth2/v2.0/authorize`,
    params: { scope: B2C_CLIENT_ID }
  },
  token: `https://${B2C_TENANT}.b2clogin.com/${B2C_TENANT}.onmicrosoft.com/${B2C_POLICY}/oauth2/v2.0/token`,
  clientId: B2C_CLIENT_ID,
  clientSecret: B2C_CLIENT_SECRET,
  allowDangerousEmailAccountLinking: true
})
Hope it helps
Thank you so much.
Provider type
Custom provider
Environment
Reproduction URL
Client project. Using Svelte.
Describe the issue
I'm using a custom provider to get Azure B2C working. I have another issue related to Azure B2C failing with SvelteKitAuth (https://github.com/nextauthjs/next-auth/issues/7809).
When I'm using Implicit flow (which returns both an access_token and an id_token) it works fine, but whenever I try to use authorization code flow, which is the recommended way, the signin fails with error:
Here is my code:
I've also tried setting the type to "oidc" since that's what the AzureADB2C provider is using, but I guess I would want oauth here (?)
So I could check Access tokens (used for implicit flows) here, but that is not the recommended way to obtain access tokens anymore.
How to reproduce
Expected behavior
Should be allowed to sign in without needing an access_token