I am investigating the possibilities of Azure AD B2C. I have the following use case:
I have a Xamarin Forms app. In the current app, a user can choose between three different environments (A, B, C) when logging in. Each environment has a separate - but similar - website; think of them as staging environments. So the choice of environment dictates on which website the actual login takes place. A user should be able to log out of A and then log in again in B, for example.
Now I want Azure AD B2C to handle the authentication instead. I set up a tenant and created a custom policy to make a REST call to the website to do extra validation steps with the objectid in the last orchestration step. This mechanism is working fine.
The problem is that the REST calls to the serviceurl are slightly different for environments A, B or C. In the orchestration I guess it should be possible to make three separate REST steps and make them conditional on some parameter. The question is which parameter. A custom claim?
The Xamarin app uses MSAL to connect to the tenant.
What mechanism can I use from the app to know in the custom policy that a login is for environment A, B or C?
Following Jas's comment, I added WithExtraQueryParameters to the app:
    await App.AuthenticationClient
        .AcquireTokenInteractive(scopes: Constants.Scopes)
        .WithExtraQueryParameters(new Dictionary<string, string> { { "website_code", "TEST" } })
        .WithPrompt(Prompt.ForceLogin)
        .WithParentActivityOrWindow(App.UIParent)
        .ExecuteAsync();
Some key snippets from TrustframeworkExtensions.xml:
    <ClaimType Id="website_code">
      <DisplayName>Website code</DisplayName>
      <DataType>string</DataType>
      <UserHelpText>The Website code</UserHelpText>
    </ClaimType>

    <InputClaim ClaimTypeReferenceId="website_code" DefaultValue="{OAUTH-KV:website_code}" AlwaysUseDefaultValue="true" />

    <OrchestrationStep Order="7" Type="ClaimsExchange">
      <Preconditions>
        <Precondition Type="ClaimEquals" ExecuteActionsIf="false">
          <Value>website_code</Value>
          <Value>TEST</Value>
          <Action>SkipThisOrchestrationStep</Action>
        </Precondition>
      </Preconditions>
      <ClaimsExchanges>
        <ClaimsExchange Id="RESTGetUserClaims_test" TechnicalProfileReferenceId="xxxx_test" />
      </ClaimsExchanges>
    </OrchestrationStep>