2

I need to be able to get an identity/access token to a backend API for a native client, where the native client must use native UI to collect username and password.

I want to use Azure AD B2C but I cannot get clear, explicit info if the Resource Owner Password Grant flow is supported. Is it possible to get a token from Azure AD B2C by programmatically posting username and password somewhere?

Sentinel
  • 3,582
  • 1
  • 30
  • 44
  • I was just announced that this is close to being in private preview, so it is moving forward :) See https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/13817784-add-support-for-resource-owner-password-credential – Mattias Lindberg Feb 14 '18 at 12:52
  • Thanks, also received the info. We had to dump b2c in the end for both complexity and cost. – Sentinel Feb 15 '18 at 06:34

3 Answers3

2

Azure AD B2C does not support the "Resource Owner" password grant yet.

You can support this feature ask and get updates on its progress by voting for it in the Azure AD B2C feedback forum: Add support for Resource Owner Password Credentials flow in Azure AD B2C.

Saca
  • 10,355
  • 1
  • 34
  • 47
  • Thanks for the swift response, please can you reconcile this with the advice given by a MSFT employee here https://stackoverflow.com/a/44539932/442396 Is this approach technically feasible as a short term solution? – Sentinel Jul 10 '17 at 12:22
  • 1
    That approach in that answer does work, though it's a workaround and not officially supported. It also has several caveats and complexities. If it works for you, it's a "use it at your own risk". – Saca Jul 10 '17 at 14:26
0

Is it possible to get a token from Azure AD B2C by programmatically posting username and password somewhere?

You can use the Azure AD Client Credential Flow to obtain a token. See this SO Post.

ROPC might be the right OAuth Flow for you, but before you start using it, you might want to check out this blog post: Why the Resource Owner Password Credentials Grant Type is not Authentication nor Suitable for Modern Applications.

spottedmahn
  • 14,823
  • 13
  • 108
  • 178
0

Resource Owner Password Credential flow is now supported in Azure AD B2C.

Do note however that confidential client flow, where the application secret is verified, is not supported.

Daniel Elkington
  • 2,560
  • 6
  • 22
  • 35