如何在授权代码流 Azure AD B2C 中获取用户配置文件信息?
[英]How to get user profile info in Authorization code flow Azure AD B2C?
问题描述
In Auth Code flow, azure tenant provides a auth code upon successful authentication( username/pwd ), then this code can be traded for access_token (useful to protect our resource APIs).
在 Auth Code 流程中,azure 租户在认证成功后提供一个 auth code( username/pwd ),然后此代码可以交易access_token (用于保护我们的资源 API)。 When I use this access_token to get profile details using graph /me endpoint I'm getting invalid token exception.当我使用此access_token使用graph /me端点获取配置文件详细信息时,我得到了无效的令牌异常。 So, how can I get user profile details in this flow?那么,如何在此流程中获取用户个人资料详细信息?
Appreciate your help!!感谢你的帮助!!
2 个解决方案
解决方案1
1 2020-06-24 07:06:26
An access token can be used only for one resource.访问令牌只能用于一种资源。
The access token which is for your resource API cannot be used to call Microsoft Graph.您的资源 API 的访问令牌不能用于调用 Microsoft Graph。
You should set scope=https://graph.microsoft.com/.default offline_access during getting code and access token.您应该在获取代码和访问令牌期间设置scope=https://graph.microsoft.com/.default offline_access 。
But currently it's not supported to get access token for Microsoft Graph via Request an access token in Azure Active Directory B2C .但目前不支持通过Request an access token in Azure Active Directory B2C 获取Microsoft Graph 的访问令牌。 It's only for protecting your APIs.它仅用于保护您的 API。
You need to follow Get access on behalf of a user to get the access token with Auth Code flow.您需要按照代表用户获取访问权限以使用身份验证代码流程获取访问令牌。
解决方案2
0 2020-06-24 13:02:12
Implicit flow is the only flow supported for SPA. 隐式流是 SPA 支持的唯一流。 Authorization code flow is intended for webapps, mobile and desktop apps but not for SPA.Please refer to this document授权代码流适用于 webapps、移动和桌面应用程序,但不适用于 SPA。请参阅此文档
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.