How do I configure PKCE for azureb2c provider? #12896
Replies: 1 comment
I realized that I was registering callback URIs on the SPA setting and not on the WEB setting for my application. Though it would be nice if it worked with the SPA one also.
The azureb2c provider login does not work and needs to include PKCE to fix it. How can I do this?
The login URL it creates does not contain code_challenge or code_challenge_method parameters.
This is what the generated login URL looks like now:
https://<tenantId>.b2clogin.com/<tenantId>.onmicrosoft.com/<primaryUserFlow>/oauth2/v2.0/authorize?client_id=<clientId>&scope=<scope>&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A5173%2Fapi%2Fauth%2Fcallback%2Fazure-ad-b2c&state=fqwjY-c9w5mgiY-2H5mRbtYMB-Hi_9fUzMPvwpKIZpU
This is what it should look like instead (Nuxt-auth-util library):
https://<tenantId>.b2clogin.com/<tenantId>.onmicrosoft.com/<primaryUserFlow>/oauth2/v2.0/authorize?client_id=<clientId>&response_type=code&redirect_uri=http:%2F%2Flocalhost:5173%2Fauth%2Fazureb2c&scope=<scope>&state=hQ5cAYlAxMg&code_challenge=bIodNQoK895S1RTRfvq0RU06vdHp1FoeBpGztPJfbEI&code_challenge_method=S256
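This is what my config looks like:

```javascript
AzureADB2CProvider({
  // Real values withheld; placeholders follow the URLs above.
  tenantId: '<tenantId>',
  clientId: '<clientId>',
  clientSecret: '<clientSecret>',
  primaryUserFlow: '<primaryUserFlow>',
  authorization: { params: { scope: 'openid' } },
}),
```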