Incorrect base url for azuread b2c backend #809
Comments
|
When I put together the PR, I didn't take into account the custom domains feature of b2c. I was just using b2clogin.com. Does it make sense to create a separate backend like azuread-b2c-custom-oauth2 for custom domains? |
|
I think the change also broke the URL for endpoints which do not contain a policy parameter, as described in https://learn.microsoft.com/en-us/azure/active-directory-b2c/b2clogin#endpoints-that-are-not-affected Obviously Microsoft has now (at least) three different ways to compose the base url which need to be distinguished. |
|
It would also be great to cover this topic in the documentation so that users know which backend to choose in which situation: https://github.com/python-social-auth/social-docs/blob/master/docs/backends/azuread.rst |
|
Hi, has there been any update on this issue. We are still facing the same issue as mentioned by @zahid-arbisoft. There is support for using just the authority host in other languages and frameworks but it breaks for python. |
fixes python-social-auth#809. The Authority Host can be defined to be a custom domain as well using front door in Azure. With this, the tenant name is not prefixed to the authority host in the base url. We update this by prefixing the tenant name with the default authority host only if the authority host is not defined.
As per this documentation, I think the base URL for backend "azuread-b2c-oauth2" for custom domain should be
BASE_URL = "https://{authority_host}/{tenant_name}.onmicrosoft.com"
but not
BASE_URL = "https://{tenant_name}.{authority_host}/{tenant_name}.onmicrosoft.com"
From Azure documentation:
The text was updated successfully, but these errors were encountered: