Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
How to use client credentials with Azure AD B2C?
See original GitHub issueI want to programmatically add/remove users from the Azure AD B2C directory I have. I have made my application ‘User administrator’. I also created a client secret in the ‘Certificates & secrets’ section of my app.
In my Spring boot application, I created this bean:
@Bean
public ConfidentialClientApplication clientApplication() throws MalformedURLException {
return ConfidentialClientApplication.builder("<application-id>",
ClientCredentialFactory
.createFromSecret("<client-secret>"))
.b2cAuthority("https://mycompb2ctestorg.b2clogin.com/tfp/oauth2/nativeclient")
.build();
}
Using this bean, I try to get an access_token:
CompletableFuture<IAuthenticationResult> future = clientApplication
.acquireToken(ClientCredentialParameters.builder(Set.of("Directory.ReadWrite.All")).build());
future.handle((authenticationResult, throwable) -> {
if( throwable != null ) {
System.out.println("throwable = " + throwable);
return null;
}
String accessToken = authenticationResult.accessToken();
System.out.println("accessToken = " + accessToken);
return null;
});
When I run this, I get an exception:
java.util.concurrent.CompletionException: com.google.gson.JsonSyntaxException: java.lang.IllegalStateException:
Expected BEGIN_OBJECT but was STRING at line 1 column 1
When I debug, I see that the JSON is not JSON, but a HTML page with this body:
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>404 - File or directory not found.</h2>
<h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3>
</fieldset></div>
</div>
</body>
What am I doing wrong?
Issue Analytics
- State:
- Created 4 years ago
- Comments:17 (5 by maintainers)
Top Results From Across the Web
Application types that can be used in Active Directory B2C
Every application that uses Azure AD B2C must be registered in your Azure ... identity) and by using the OAuth 2.0 client credentials...
Read more >Client Credentials Grant Flow with Azure AD B2C
In the Azure AD B2C - App registrations page, select the application you created, for example webapp1. · In the left menu, under...
Read more >Azure B2C client credentials grant - Stack Overflow
The quick-start you referenced is using the client credentials grant, which is not yet supported in Azure AD B2C. Under the section Daemons...
Read more >Using OAuth2 Client Credentials grant type in Azure ADB2C
Although the OAuth 2.0 client credentials grant flow is not currently directly supported by the Azure AD B2C authentication service, ...
Read more >How to secure app to app communication with Azure AD B2C ...
Secure communication between apps registered in the Azure AD B2C using OAuth 2.0 client credentials flow · Introduction · Application ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Thanks for that. It works indeed using the code you presented here. Thanks!
@sangonzal - I am trying to do similar but I want to authenticate against the B2C directory itself
Basically I want a generic token for ‘unregistered’ users
How would the second part of the example above look if not using graph pls?