Search code examples
azurehttprequestazure-ad-b2c

Postman Request to take Token as an Authorised User from Azure Portal (Azure AD B2C) for Development Purposes

  • I have a configured UI integration with Azure B2C and when I am trying to log in with a specific "test" user I am logged in and redirecting to the landing page of the site.

enter image description here

  • I am trying now to make a postman request as the same authorized user ("test") in Azure B2C from postman for development purposes and I am getting back Bad request.
  • I have inspect the network and I am send also with postman the same request.
  • Is there probably any configuration in azure AD/B2C for accepting redirection from specific sites only and rejecting for example postman requests?
  • If not, how can I take token then?

enter image description here

Solution

  • First of all you have to enable this workflow from azure and if you do , you can then send a simple POST request like this:

    curl --location --request POST 'https://{{TENAT_ID}}.b2clogin.com/{{TENAT_ID}}.onmicrosoft.com/{{AUTHORITY}}/oauth2/v2.0/token' \
--header 'response_type: token' \
--header 'Content-Type: application/x-www-form-urlencoded' \

--data-urlencode 'response_type=token id_token' \
--data-urlencode 'scope={{SCOPE}} {{CLIENT_ID}}' \
--data-urlencode 'client_id={{CLIENT_ID}}' \
--data-urlencode 'username={{USER_NAME}}' \
--data-urlencode 'password={{USER_PASSWORD}}' \
--data-urlencode 'grant_type=password'

    you can easily import this to post man and change the {{ }} with your own settings