I am trying to integrate Azure AD B2C into a Xamarin.Forms app. I am following this guide as a starter. I have created an Azure AD B2C tenant. When I open the endpoints of the tenant, here is what I see
As you can see, the general pattern for the URL is https://TENANT.b2clogin.com/TENANT.onmicrosoft.com/<policy-name>/
However, inside the sample the URL is formed differently:
https://TENANT.b2clogin.com/tfp/TENANT.onmicrosoft.com/<policy-name>/
Notice the tfp bit.
If I remove the tfp part from the URL formation, as soon as these lines are executed
var builder = PublicClientApplicationBuilder.Create(B2CConstants.ClientID)
    .WithB2CAuthority(B2CConstants.AuthoritySignInSignUp)
    .WithIosKeychainSecurityGroup(B2CConstants.IOSKeyChainGroup)
    .WithRedirectUri($"msal{B2CConstants.ClientID}://auth");
I receive the following exception
System.ArgumentException: B2C 'authority' Uri should have at least 3 segments in the path (i.e. https://<host>/tfp/<tenant>/<policy>/...)
Obviously, the MSAL.NET API expects that the URI should contain the tfp bit, but the endpoints are really without that.
I am using the 4.17.1 version of Microsoft.Identity.Client.
It does seem that the latest APIs in MSAL.NET are not compatible with the latest Azure AD B2C. Is there any workaround?
It appears I was doing it wrong. I shouldn't have used the endpoints from the B2C itself, rather I should have created specific iOS & Android app registrations. Here's what I have done.
After these steps all worked OK.