secure a web application and a webapi using b2C and dotnetcore : 404 - File or directory not found

Question

User555052328 posted

Hi ,  I have some issues when using azure ad b2C  .

the error message is :  <h2>404 - File or directory not found.</h2>

the error occur when getting access token

I have to secure a web application and a webapi using b2C using dotnetcore, both are registered on azure ad

the code sample is here : https://github.com/doorwaaar/ad_auth-b2c-webapi-webmvc

Someone can help me fine whats wrong  ?

Do you have some links to secure a web application and a webapi using b2C and  dotnetcore ?

Answer 1

User1724605321 posted

Hi doorwaaar,

You can refer to below code sample which shows how to build a web API with Azure AD B2C using the ASP.Net Core JWT Bearer middleware :

https://github.com/Azure-Samples/active-directory-b2c-dotnetcore-webapi 

Best Regards,

Nan Yu

Answer 2

User555052328 posted

This sample is about a single application.

But I have two applications registered in the portal : a web application and a wepapi  application 

So I cannot configure them using b2c, the web app calls the api , and both are protected by azure ad using b2C

best regards

Answer 3

User1724605321 posted

Hi doorwaar ,

Please refer to below code sample for how to build an MVC web application that performs identity management with Azure AD B2C using the ASP.Net Core OpenID Connect middleware:

https://github.com/Azure-Samples/active-directory-b2c-dotnetcore-webapp 

In that app , to call web api , you just need to modify the OnAuthorizationCodeReceived function to use code to get the access token form Azure AD's token endpoint using MSAL :

 public async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedContext context)
            {
                // Use MSAL to swap the code for an access token
                // Extract the code from the response notification
                var code = context.ProtocolMessage.Code;

                string signedInUserID = context.Principal.FindFirst(ClaimTypes.NameIdentifier).Value;
                TokenCache userTokenCache = new MSALSessionCache(signedInUserID, context.HttpContext).GetMsalCacheInstance();
                ConfidentialClientApplication cca = new ConfidentialClientApplication(AzureAdB2COptions.ClientId, AzureAdB2COptions.Authority, AzureAdB2COptions.RedirectUri, new ClientCredential(AzureAdB2COptions.ClientSecret), userTokenCache, null);
                try
                {
                    AuthenticationResult result = await cca.AcquireTokenByAuthorizationCodeAsync(code, AzureAdB2COptions.ApiScopes.Split(' '));


                    context.HandleCodeRedemption(result.AccessToken, result.IdToken);
                }
                catch (Exception ex)
                {
                    //TODO: Handle
                    throw;
                }
            }

Best Regards,

Nan Yu