I've set up my web app using OpenIDConnectAuthentication as follows:

        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                MetadataAddress = Settings.AADB2CAuth.SignInPolicyMetaAddress,
                AuthenticationType = Settings.AADB2CAuth.SignInPolicyId,

                ClientId = Settings.AADB2CAuth.ClientId,

                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    AuthenticationFailed = OnAuthenticationFailed,
                    AuthorizationCodeReceived = OnAuthorizationCodeReceived 
                },

                RedirectUri = Settings.AADB2CAuth.RedirectUri,

                Scope = "openid",
                ResponseType = "id_token",
            });

This works fine. However an authorization code is not returned with the id_token. If change this to code id_token or just code, the AuthorizationCodeReceived notification fires, but then I am met with the error

AADSTS70000: Authentication failed: Authorization Code is malformed or invalid

Basically what I'm trying to do is access the B2C AD as the current signed in user. Is this at all possible?

Related posts

Recent Viewed