How do I transform a claim to a HMACSHA256 based token

andrewz 20 Reputation points
2023-01-19T13:49:33.1566667+00:00

I am creating a custom policy to use Azure B2C as an IdP to integrate with a legacy authentication service. The legacy service and the new IdP share a secret.

The legacy authentication service has a custom authentication flow and requires that a HMACSHA256 based challenge token is sent to it as part of its authentication process using the shared secret as the key.

I am unable to find a way to create / transform a token to a HMACSHA256 based output claim. What are the recommended patterns to address a situation such as mine?

I tried https://learn.microsoft.com/en-us/azure/active-directory-b2c/general-transformations#hash but the computed hashes do not match since the hashing function is not a HMACSHA256.


Accepted answer
  1. Shweta Mathur 27,616 Reputation points Microsoft Employee
    2023-01-24T11:54:18.6966667+00:00

    Hi @andrewz ,

    Thanks for reaching out and thank you for your time and patience.

    Unfortunately, Azure AD B2C doesn't create or transform an HMACSHA256 token.

    Also, it is not possible to do transformations on the resulting token. Claim transformation will only apply to claims in the claims bag.

    You can post this idea at the Azure Feedback Portal, which is monitored by the product team for feature enhancements.

    Hope this will help.

    Thanks,

    Shweta


    Please remember to "Accept Answer" if answer helped you.
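
The mismatch described in the question, as an added example that is not part of the original thread and is not Microsoft's code: a plain SHA-256 over secret-plus-message never equals an HMAC-SHA256 of the same inputs, so a verifier expecting HMAC rejects it. The secret, challenge string, function names and the `secret || message` construction are constructed for illustration; the last stands in for any non-HMAC hash and is not a statement of what the B2C Hash transformation computes internally.

```python
import base64
import hashlib
import hmac

# Constructed sample values; a real deployment loads the secret from a key store.
SHARED_SECRET = b"constructed-shared-secret"
CHALLENGE = b"nonce=4f1c9a;user=alice@example.com"


def hmac_sha256_token(secret: bytes, message: bytes) -> str:
    """HMAC-SHA256 keyed with the shared secret, base64-encoded."""
    mac = hmac.new(secret, message, hashlib.sha256).digest()
    return base64.b64encode(mac).decode("ascii")


def salted_sha256_token(secret: bytes, message: bytes) -> str:
    """Plain SHA-256 over secret || message: looks keyed, but is NOT an HMAC."""
    digest = hashlib.sha256(secret + message).digest()
    return base64.b64encode(digest).decode("ascii")


def manual_hmac_sha256(secret: bytes, message: bytes) -> bytes:
    """RFC 2104 construction written out, showing what the plain hash omits."""
    block = 64  # SHA-256 block size in bytes
    key = hashlib.sha256(secret).digest() if len(secret) > block else secret
    key = key.ljust(block, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def verify_token(secret: bytes, message: bytes, presented: str) -> bool:
    """Receiver side: reject malformed input, then compare in constant time."""
    try:
        presented_mac = base64.b64decode(presented, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    expected = hmac.new(secret, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, presented_mac)


if __name__ == "__main__":
    good = hmac_sha256_token(SHARED_SECRET, CHALLENGE)
    bad = salted_sha256_token(SHARED_SECRET, CHALLENGE)
    print("HMAC-SHA256:", good, verify_token(SHARED_SECRET, CHALLENGE, good))
    print("plain hash :", bad, verify_token(SHARED_SECRET, CHALLENGE, bad))
```
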
