Passing Scope to Azure AD B2C

I have been playing a lot lately with Azure AD B2C, trying to look at replacing Auth0 with Azure AD B2C.

Auth0 is definitely the easier of the two to implement, for now.

Anyway, I have been using Postman to authenticate to Azure AD B2C when I began struggling with how to pass multiple scopes. 

Based on a couple articles I read, I passed the scopes separated by a space. Tried this, then inspected the token in https://jwt.io, and noticed my scopes were missing.

Hmmmm…

I found this article https://saraford.net/2017/11/10/testing-a-secured-web-api-using-postman and took a deeper look at how Azure was creating the endpoint.

I noticed that for each scope the full scope value was passed, e.g. https://<tenant>.onmicrosoft.com/<app>/<scope>. So I made that change to my Postman request and requested a new token.

I then inspected the token in https://jwt.io, and noticed ALL my request scopes were present.

Hopefully this saves someone a face plant or two, or three. 😊

For those working with Azure AD B2C, here are some links to some great articles that have helped, and continue to help me along the way.

Leave a Reply

Your email address will not be published.