I followed this sample https://github.com/Azure-Samples/active-directory-b2c-xamarin-native to implement Azure B2C auth in Xamarin Forms.
There are two GUID in the sample
B2CConstants ClientID = "e5737214-6372-472c-a85a-68e8fbe6cf3c";
AndroidManifest.xml
<data android:scheme="msale5737214-6372-472c-a85a-68e8fbe6cf3c"
and
MsalActivity.cs DataScheme = "msal90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6")]
Info.plist
<string>msal90c0fe63-bcf2-44d5-8fb7-b8bbc0b29dc6</string>
The first one is the clientId for the registered app in tenant, what about the second?
Some blogs called applicationId, so how can I get this from the Azure portal?
It's a Custom Redirect URI.You should make sure that your application has enabled the Native client setting and create it as shown in the following screenshot:
You could look at this.
Related
I am working on Microsoft authentication using firebase. its a web project in vuejs 2 tech. I have followed this Documentation step by step for firebase and code section also followed this Documentation for creating account in azure portal but getting this error:
error FirebaseError: Firebase: Error getting verification code from microsoft.com response: error=invalid_request&error_description=Proof%20Key%20for%20Code%20Exchange%20is%20required%20for%20cross-origin%20authorization%20code%20redemption.&state=AMbdmDnE2TjhyB-T1hIHqYTh73Za9GIrASM-9NFz4trUb4QSLmP6W_qIFNCSl2fmUyq0tTvTNeB3Yg1a3XmOHg93aDItLCJTEEf9B-6EdpPLzR-_mkV9bI3QLoTyT3JQl9Pldczh3BfRlTZQ2KwKfV8IxgpHoXxKJByVzaB-M1wxWO9ESh7Ap_2BvNYHrq2tSFQHbK9D70l7xzi292de6G4rbGUgKmtuTtND4B671A1sxhD2-1WTWaCXkLMv_R7q5JTiWmfqn12ZipA_RWnMBDkPRhglBVReg6jBCRWKv1PvWN2dVQOQfjIoTKRfUs8VK4KfMDR6rYAVst8UStsO79nPN27_32yBjoU9pdl3 (auth/invalid-credential).
at _errorWithCustomMessage (vendors~app~._node_modules_#firebase_auth_dist_esm2017_index-1679a2b2.js~8334e211.js:568:20)
at _performFetchWithErrorHandling (vendors~app~._node_modules_#firebase_auth_dist_esm2017_index-1679a2b2.js~8334e211.js:1085:23)
at async _performSignInRequest (vendors~app~._node_modules_#firebase_auth_dist_esm2017_index-1679a2b2.js~8334e211.js:1100:29)
at async _signInWithCredential (vendors~app~._node_modules_#firebase_auth_dist_esm2017_index-1679a2b2.js~8334e211.js:4706:22)
at async PopupOperation.onAuthEvent (vendors~app~._node_modules_#firebase_auth_dist_esm2017_index-1679a2b2.js~8334e211.js:7965:26)
please suggest what could be the possible fix for the above issue
I was able to fix this problem by doing under written 2 steps
step 1 : I created SPA platform on azure portal but it should be web platform so just deleted the SPA and added web platform to fix this problem
To configure application settings based on the platform or device you're targeting, follow these steps:
In the Azure portal, in App registrations, select your application.
Under Manage, select Authentication.
Under Platform configurations, select Add a platform. Under
Configure platforms, select the tile for your application type
(platform) to configure its settings.
step 2: we have to Application secret in fire base console which need to be copied correctly from azure portal
basic steps to create and add a client secret
In the Azure portal, in App registrations, select your application.
Select Certificates & secrets > Client secrets > New client secret.
Add a description for your client secret.
Select an expiration for the secret or specify a custom lifetime
Select Add.
Record the secret's value for use in your client application code. This secret value is never displayed again after you leave this page.
please read the last step properly which says we have to copy key value if you left the page the value will be hidden like this with *** so in that case just delete this key and add new client key then copy the value (it "Value" field not "Secret ID" field)
now just add that key to your fire base console in application secret field
Note: try to follow these documentations properly Firebase documentation and microsoft azure documentation
I'm using Google Cloud Platform's Identity Platform product in multi-tenancy mode. I have one GCP project with two web apps and each app has a tenant in Identity Platform:
Tenant A with the tenant ID tenant-a-1234 at a.example.com
Tenant B with the tenant ID tenant-b-5678 at b.example.com
I need to generate password reset links for users in these tenants. The Firebase Admin SDK generates links using the Action URL that is defined in the Firebase console under Authentication > Templates. That works fine when it's vanilla Firebase with a single tenant but I'm using Identity Platform and multi-tenancy so I need an Action URL for each tenant so that links for Tenant A point to a.example.com and links for Tenant B point to b.example.com.
Here's an example of how I'm generating the links:
let tenantId = 'tenant-b-5678';
let email = 'foo#b.example.com';
const auth = admin.auth().tenantManager().authForTenant(tenantId);
auth
.generatePasswordResetLink(email)
.then((resetUrl) => {
console.log(resetUrl);
});
resetUrl is forever stuck using whatever domain name is set in the Firebase console and it enforces this for all tenants in the project.
It's not feasible for me to have one email action handler page that handles both tenants. Ideally, I would be able to call the Firebase API and pass in a custom Action URL to have the generated link use it. That doesn't appear possible.
One alternative would be to have my Cloud Function generate the link and then find and replace the domain name. I'd rather not maintain a static mapping of sites to tenant ids in my code, and it seems like this is something Identity Platform probably can do for me, so I'm hoping there's an alternative.
How do I use a unique Action URL for each Identity Platform tenant when generating email action links with the Firebase Admin SDK?
I have two different web portals that use the same Database.
The first one is a legacy web portal built in asp .net and the second one is made using Angular which consumes API's on the backend and uses JWT token based authentication.
Now I want to implement SSO in such a way that a user logs in to the ASP .NET portal and clicks on a button which takes the user to the Angular web portal without having to login on the Angular App again.
Similarly when the user logs out from the ASP .NET he should be automatically logged out from the Angular app too.
Any ideas how to implement this custom SSO?
It's very easy as both portal sharing same DB.
Just pass any unique token or identifier with button click to another portal.
then you can identify user based on token/identifier and sign-in directly.
Just need to make sure identifier is unique for each user.
Example:
In DB you have user record like:
User Id: 1, name: xyz, UUID: 123-123-456
User Id: 2, name: abc, UUID: 123-123-455
now while link will have something like this:
https://somedomain.com/page-path?token=123-123-456
I am trying to use google identity platform for my application by following the below link
Google Identity Platfrom
But on this page, no identity provider mentioned for LinkedIn and same is not searchable on web.
What I understood is Google's Identity platform is using Firebase underneath. I am just wondering, on Firebase portal it is mentioned that a custom implementation is required for LinkedIn whereas under the GCP account -> Add provider I can see LinkedIn.
What I would like to know is, if it is possible to add LinkedIn as provider out of the box under identity platform.
You can use LinkedIn.com provider directly via Identity Platform without using custom authentication. It is the same as using a generic OAuth provider like Microsoft or any other provider. Here is an web example:
const provider = new firebase.auth.OAuthProvider('linkedin.com');
firebase.auth().signInWithPopup(provider)
.then((userCredential) => {
// User signed in.
})
.catch((error) => {
// Error signing in.
});
However, this is currently not yet available in Firebase.
I am trying to authenticate a user with Azure Mobile Services from within a ASP.NET Web Form (.aspx.cs).
I have provisioned my Mobile Service to authenticate with Facebook using the steps described here: http://azure.microsoft.com/en-us/documentation/articles/mobile-services-windows-store-dotnet-get-started-users/.
This tutorial, however, describes authenticating in a XAML app where popups can appear, but I need to Log the user in within a postback of the web form, where showing a popup is impossible.
According to the docs I can do this by using the LoginAsync() function, like this":
MobileServiceClient client = MyAppsMobileClient.getClient(); //this handles setting the app ID and url
MobileServiceUser user = client.LoginAsync("facebook","");
Now, my problem is the second argument of this function. According to the docs, this is of type JObject, and apparently it is a JSON object I obtain from facebook when I first log in. Now, I can make a simple Login form for the user to enter his facebook ID and password, but I still don't know how to obtain the JObject I need to log in to Mobile Services. Do I need to delve into the Facebook APIs? Is this done using Ajax? Any examples, guides or tutorials on this would be welcome.
You can create a jObject from the data received from Facebook like this:
var token = JObject.FromObject(new
{
access_token = "YOUR TOKEN HERE"
});
This sample was taken from this SO thread:
Azure Mobile Service LoginAsync with Facebook Token is Unauthorized
And here you can read how to obtain an access token from Facebook using JavaScript:
Obtaining an Access Token