2

Angular 7, msal.js, msal-angular.js and AzureAD B2C (Email provider).

I have 3 resources:

  • /home (no auth is required)
  • /RoleA (only authorized users with Role A can access)
  • /RoleB (only authorized users with Role B can access)

I have the following routes:

const routes: Routes = [
  { path: '', redirectTo: '/home', pathMatch: 'full' },
  { path: 'home', component: HomeComponent },
  { path: '', component: MainLayoutComponent, canActivate : [MsalGuard], children:[
    { path: 'rolea', component: RoleAComponent },
    { path: 'roleb', component: RoleBComponent }
  ]}
];

I have authentication working, however, there is no example of how MSAL would work with groups (assuming that Azure AD B2C groups are equivalent to roles)

This SO is old and discussing server-side: Authorize By Group in Azure Active Directory B2C

I couldn't find the required documentation or code to communicate between MSAL and Groups to implement a role-based access, any help would be appreciated.

Adam
  • 3,872
  • 6
  • 36
  • 66
  • Adam, If I am understanding your question correctly, you may need to make sure the roles are returned to you on the claims, you can enable the behavior thru the App Registration manifest, I believe the property that needs to be enable is groupMembershipClaims, you may also need to use MS graph to get some of the details. – Austin Jan 11 '19 at 19:27
  • 1
    Hi Adam, I'm looking at implementing some role based auth, or something similar, in B2C. Did you manage to find anything out about this? – Andrew Feb 12 '19 at 19:22
  • 1
    @Andrew No, couldn't find any – Adam Mar 05 '19 at 13:50
  • I'm working on this too. I've got authentication working in the front end but the next step is taking some serious time. I think it is that a lot of the angular apps are using other authentication services and not many are going to Azure. So far I have Postman using GRAPH to get the members of a group, but now need to get that into Angular and turn it into a member of call to secure routes. – goneos Mar 26 '19 at 02:57
  • I've got this far... https://stackoverflow.com/questions/55408226/ – goneos Mar 29 '19 at 03:28

0 Answers0