Blazor Client/Server side - Built in feature to use Azure B2C

[lzinga]

This is a request very similar to #9768.

I have been investigating integrating Azure B2C into a Blazor Web Assembly app and the process is a long and arduous one and can at times be confusing when following the docs. Implementing a feature to have a quick and easier setup process for Azure B2C would help more people move to secure accounts and social logins using Azure.

For a quick start up with Azure B2C the developers can spend more time with their app instead of fighting with authentication and authorization. On top of this the current scaffolding within Blazor Web Assembly uses MVC for identity and users which breaks the stack flow of those who want to use a full Blazor stack. If an Azure B2C implementation was an option it keeps the stack clean and provides a real world setup to get users up and running quickly.

[blowdart]

This is on the radar. Azure AD are revamping AAD integration and will own it going forwards, so we don't get into the position where we are now, with AAD B2C being stuck on their v1 endpoints, as well as having a cleaner experience where they own the UI and both AAD and AAD B2C look pretty much identical from a code point of view.

You can expect to see the start of this integration in some command line templates in a month or two, from there we'll be working on getting it into VS and into all our templates, including Blazor.

[danroth27]

@lzinga Have you looked at the Blazor WebAssembly docs for setting up authentication with Azure AD B2C?:

• Secure an ASP.NET Core Blazor WebAssembly hosted app with Azure Active Directory B2C
• Secure an ASP.NET Core Blazor WebAssembly standalone app with Azure Active Directory B2C

[PylotLight]

Just to note, I was able to follow docs and use the content generated by the server template to then get my own orgs AAD auth working very nicely. Sure it could have been easier, but it works well now by follow the documentation Dan has provided.

[blowdart]

OK closing as you're unblocked.

[simonziegler]

I know this is closed @danroth27 and @blowdart but I'll give you my retrospective. I just spent 12 days attempting to just get to the point where I had access tokens and could then authorize against a web api. Unfortunately the docs that Dan references are not really up to scratch. It's not possible to follow them and get a result - this is a conversation I had with @guardrex in another thread (and thanks for all the help Luke).

So you know, I was authenticating with B2C a long time back. It was authorization that got in the way. Even now I have an access token but no refresh token and I can't find any clear understandable docs about (i) how to get a refresh token and (ii) how to use it.

So I'd say that you are unfortunately not even off the starting blocks here. Once it works it is of course fantastic (everything Blazor is), but it needs some serious attention and checking to see if the instructions can actually be followed verbatim without any other knowledge (one example: it took me ages to work out that a scope is actually a fully qualified URI).

Hope that helps and I'd be delighted to discuss further if you want. Simon

[blowdart]

I'd suggest a good first start is talking to the AAD folks about their new libraries, because that's where the development work will be for most things.

[simonziegler]

Thanks @blowdart. It's exciting that this is being worked on. I need to get back to business logic and will revisit in a while. I'll probably find that curiosity gets the better of me in the coming days though!