[cas-dev] CAS 7.x with Azure AD B2C


Pablo Vidaurri

Aug 22, 2023, 1:42:00 AM
to CAS Developer
We created a new instance of Azure AD B2C (Entra).

I am able to include the azuread dependency and provide config for client-id, secret, tenant-id.

When attempting to log in, I do get a token returned. The second step looks like it is making a call to https://graph.microsoft.com/v1.0/users/<user-id>. In this case, the user-id is the email address the user provided at login. But I get a 404 returned.

Talking with Microsoft, they said I cannot use an email address as the identifier for this endpoint. I can only use a UPN or Object Id of the user. Both are cryptic hash values and would require that I store a mapping of either of those values to email address, then possibly have a Groovy transformation to replace user-id with the object id value.

Has this feature been tested, and is there a confirmed solution? I'm trying to figure out if there is a config issue on the CAS side, a setup issue on this new Azure AD B2C instance, or if the feature is not working yet in CAS.

Thanks.
-psv
