How do I configure PKCE for azureb2c provider? #12896
Replies: 1 comment
I realized that I was registering callback URIs on the SPA setting and not on the WEB setting for my application. Though it would be nice if it worked with the SPA one also.
The azureb2c provider login does not work and needs to include PKCE to fix it. How can I do this?
The login URL it creates does not contain code_challenge or code_challenge_method parameters.
This is what the generated login URL looks like now:
https://<tenantId>.b2clogin.com/<tenantId>.onmicrosoft.com/<primaryUserFlow>/oauth2/v2.0/authorize?client_id=<clientId>&scope=<scope>&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A5173%2Fapi%2Fauth%2Fcallback%2Fazure-ad-b2c&state=fqwjY-c9w5mgiY-2H5mRbtYMB-Hi_9fUzMPvwpKIZpU
This is what it should look like instead (Nuxt-auth-util library):
https://<tenantId>.b2clogin.com/<tenantId>.onmicrosoft.com/<primaryUserFlow>/oauth2/v2.0/authorize?client_id=<clientId>&response_type=code&redirect_uri=http:%2F%2Flocalhost:5173%2Fauth%2Fazureb2c&scope=<scope>&state=hQ5cAYlAxMg&code_challenge=bIodNQoK895S1RTRfvq0RU06vdHp1FoeBpGztPJfbEI&code_challenge_method=S256
This is what my config looks like:
```js
AzureADB2CProvider({
  tenantId: ,
  clientId: ,
  clientSecret: ,
  primaryUserFlow: ,
  authorization: { params: { scope: 'openid' } },
}),
```
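The difference between the two login URLs quoted in the question, as an added example that is not part of the original discussion and is not Auth.js code: it derives an RFC 7636 S256 `code_challenge` from a `code_verifier` and audits an authorization URL for the PKCE parameters. The function names are hypothetical; the two sample URLs are the ones from the question with their placeholders left as posted.

```javascript
// Added example, not code from the discussion or from Auth.js.
const { createHash, randomBytes } = require('node:crypto');

// RFC 7636 S256: code_challenge = BASE64URL(SHA-256(ASCII(code_verifier)))
function challengeFor(verifier) {
  return createHash('sha256').update(verifier, 'ascii').digest('base64url');
}

// New verifier/challenge pair. The verifier is kept by the client and sent
// only with the token request; the challenge goes into the authorize URL.
function createPkcePair() {
  const verifier = randomBytes(32).toString('base64url'); // 43 characters
  return { verifier, challenge: challengeFor(verifier) };
}

// List what an authorization request URL lacks. Only the query string is
// parsed, so placeholders such as <tenantId> in the host are tolerated.
function auditAuthorizeUrl(url) {
  const q = url.indexOf('?');
  const params = new URLSearchParams(q === -1 ? '' : url.slice(q + 1));
  const problems = [];
  const challenge = params.get('code_challenge');
  const method = params.get('code_challenge_method');
  if (!challenge) problems.push('missing code_challenge');
  else if (!/^[A-Za-z0-9_-]{43}$/.test(challenge)) problems.push('code_challenge is not a base64url SHA-256 value');
  if (!method) problems.push('missing code_challenge_method');
  else if (method !== 'S256') problems.push(`code_challenge_method is ${method}, expected S256`);
  if (!params.get('state')) problems.push('missing state');
  return { ok: problems.length === 0, problems };
}

// The two URLs quoted in the question, placeholders left as posted.
const BASE = 'https://<tenantId>.b2clogin.com/<tenantId>.onmicrosoft.com/<primaryUserFlow>/oauth2/v2.0/authorize';
const WITHOUT_PKCE = BASE + '?client_id=<clientId>&scope=<scope>&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A5173%2Fapi%2Fauth%2Fcallback%2Fazure-ad-b2c&state=fqwjY-c9w5mgiY-2H5mRbtYMB-Hi_9fUzMPvwpKIZpU';
const WITH_PKCE = BASE + '?client_id=<clientId>&response_type=code&redirect_uri=http:%2F%2Flocalhost:5173%2Fauth%2Fazureb2c&scope=<scope>&state=hQ5cAYlAxMg&code_challenge=bIodNQoK895S1RTRfvq0RU06vdHp1FoeBpGztPJfbEI&code_challenge_method=S256';

for (const [name, url] of [['without PKCE', WITHOUT_PKCE], ['with PKCE', WITH_PKCE]]) {
  console.log(name, auditAuthorizeUrl(url));
}
```

In Auth.js the checks a provider applies are set with the provider's `checks` option, for example `checks: ["pkce", "state"]`; running the generated sign-in URL through `auditAuthorizeUrl` shows whether the setting took effect.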