4

I have one application integrated with an Azure B2C directory. Our problem is that the login page redirects to the Azure B2C portal (our own custom page) to authenticate or authorize users and then reverts back to the original website.

I need to open a popup with my own website's login design, and at the backend I am able to call the Azure B2C REST API to validate users.

How can I create a REST API for login in the Azure B2C portal?

Let me know if you have any information about the same.

Ketan Garala
  • 1
    You are looking for the ROPC flow: https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-ropc-policy?tabs=app-reg-ga&pivots=b2c-user-flow – juunas Dec 17 '20 at 10:33
  • I think Applications (Legacy) is deprecated. Please let me know if there is any other way. – Ketan Garala Dec 17 '20 at 11:57
  • Yeah it is. The documentation link I posted has the examples for the newer App registrations experience too. "To register an application in your Azure AD B2C tenant, you can use our new unified App registrations experience or our legacy Applications (Legacy) experience." – juunas Dec 17 '20 at 11:59
  • Hi @KetanGarala, have you found a solution for this? I was also researching a similar condition, and also giving users access with Google/Facebook. – deen Dec 22 '21 at 12:51

1 Answer

4

As juunas said in the comment, you could use the resource owner password credentials (ROPC) flow to validate users at the backend. You could call the API with the POST request at the end. Note: ROPC supports local accounts only.

Try to create a resource owner user flow first.


You need to replace the username and password with those of the user to be verified.

```
POST https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/B2C_1A_<ROPC_Auth name of the flow>/oauth2/v2.0/token

username=<username>
&password=<password>
&grant_type=password
&scope=openid <application-id> offline_access
&client_id=<application-id>
&response_type=token+id_token
```
unknown
  • Thanks Pamela. Can you please share a document for this: "ROPC supports local accounts only"? The client has 1500K customers in the Azure B2C portal. Should I use the ROPC REST API to validate it? – Ketan Garala Dec 18 '20 at 04:34
  • Which Support Account Type should I select at the time of app creation? Accounts in this organizational directory only (Addact Technologies Pvt Ltd only - Single tenant) * Accounts in any organizational directory (Any Azure AD directory - Multitenant) * Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox) * Personal Microsoft accounts only – Ketan Garala Dec 18 '20 at 04:43
  • I am not able to see user flow types. Why? There is just a name and identity provider selected by default, and user parameters. – Ketan Garala Dec 18 '20 at 05:51
  • The [document](https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-ropc-policy?tabs=app-reg-ga&pivots=b2c-user-flow) shows that "ROPC supports local accounts only": https://i.stack.imgur.com/oEQK7.png – unknown Dec 18 '20 at 06:05
  • Thank you @Pamela Peng. I will look into this. – Ketan Garala Dec 18 '20 at 06:19
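
An added example, not part of the original answer or of Microsoft's documentation: the token request from the answer, built and checked on the backend in Python, with the credentials form-encoded so that characters such as `&`, `=` or `+` in a password cannot alter the other fields. The tenant name `contoso`, the function names and the `fake_post` transport are assumptions, and the success and error JSON shapes assume a standard OAuth 2.0 token response.

```python
import json
from urllib.error import HTTPError
from urllib.parse import quote, urlencode
from urllib.request import Request, urlopen

def build_ropc_request(tenant, policy, client_id, username, password):
    """Return (url, form_body) for the ROPC token request shown in the answer."""
    url = (f"https://{quote(tenant)}.b2clogin.com/{quote(tenant)}.onmicrosoft.com/"
           f"{quote(policy)}/oauth2/v2.0/token")
    form = {
        "username": username,
        "password": password,
        "grant_type": "password",
        "scope": f"openid {client_id} offline_access",
        "client_id": client_id,
        "response_type": "token id_token",
    }
    # urlencode percent-escapes '&', '=', '+' and non-ASCII characters, so a
    # credential value cannot inject or truncate form fields.
    return url, urlencode(form).encode("ascii")

def http_post(url, body):
    """Default transport: POST the form, return (status, response_text)."""
    req = Request(url, data=body,
                  headers={"Content-Type": "application/x-www-form-urlencoded"})
    try:
        with urlopen(req, timeout=10) as resp:
            return resp.status, resp.read().decode("utf-8")
    except HTTPError as err:  # a 4xx reply still carries a JSON error body
        return err.code, err.read().decode("utf-8")

def validate_user(tenant, policy, client_id, username, password, post=http_post):
    """Return (ok, tokens_or_error). Do not log the password or the tokens."""
    url, body = build_ropc_request(tenant, policy, client_id, username, password)
    status, text = post(url, body)
    try:
        data = json.loads(text)
    except ValueError:
        return False, {"error": "invalid_response", "status": status}
    if status == 200 and "access_token" in data:
        return True, data
    return False, {"error": data.get("error", "unknown"), "status": status}

def fake_post(url, body):
    """Constructed stand-in for the B2C endpoint so the example runs offline."""
    if b"password=correct%26horse" in body:
        return 200, '{"access_token": "constructed", "id_token": "constructed"}'
    return 400, '{"error": "invalid_grant"}'
```

In production the `post` argument is left at its default and the call is made only from the server, over HTTPS, so the user's password never passes through browser-side code that talks to the token endpoint directly.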