Azure AD B2C - Share Azure B2C authentication between a WPF application and a Web application

Jonathan GALLAIS 1 Reputation point
2022-09-09T15:57:15.583+00:00

We have got a legacy WPF application, with is own custom authentication. (login/password)
We want to migrate to Azure AD B2C authentication, in parallel (Keep the both).
The new features will be Web applications, that will be embedded in WebBrowser/CefSharp controls in the legacy WPF application.
On this new Web application, we want only use Azure AD B2C.

We want that the user, only authenticate with the legacy authentication process, whe in enter in the Wpf Application.
When the user open à new feature (in a embedded WebBrowser), we want the authentication to be "Silent".

Today, we are able to get a Azure AD B2C Access token, with the legacy authentication informations, using the AcquireTokenByUsernamePassword.
But we don't found any solution to share this authentication with the Web Application embedded in the wpf application.

We looked on :

  • Broker
  • SSO
  • KMSI
    but without any result.
    All that solutions are to share Authentication between Web Applictions.

So, how ca we share the Azure AD B2C authentication between the application WPF, and the embeded Web Application ?

Not Monitored
Not Monitored
Tag not monitored by Microsoft.
36,256 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,326 Reputation points
    2022-09-13T00:28:20.903+00:00

    Hello @Jonathan GALLAIS and thanks for reaching out. In order to silently authenticate you need to pass the Account obtained during the AcquireTokenByUsernamePassword call to the AcquireTokenSilentAsync method. E.g. 

       async Task OpenNewFeature(string[] scopes, AuthenticationResult acquireTokenByUsernamePasswordAuthenticationResult){  
     
        result = await app.AcquireTokenSilent(scopes, acquireTokenByUsernamePasswordAuthenticationResult.accounts.First())  
           .ExecuteAsync();  
     
       // ...  
   }

    Later on, to easily (no brokers) leverage SSO between web applications you will need to interactively authenticate (not AcquireTokenByUsernamePassword) and enable System Browser. Also, please take a look to the WAM Preview in MSAL 4.44+.

    KMSI will also need interactive authentication.

    Let us know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.

    0 comments