How to use dyanamic tenantid and client id in angular for AzureB2C and B2B to get authenticated with azureAD

Lakhan Shrivastav 0 Reputation points
2023-11-22T14:14:25.5633333+00:00

I am using msal in angular for getting authenticate with user for B2C tenant and B2B tenant where i am using userflows so for authority i need to know whether the AD is B2B or B2C where i need the to know how to use dyanamic values for msal after angular app get loads and get the user authenticates


export const msalConfig: Configuration = {
    auth: {
        clientId: azure_vars.resource_id.clientId, // This is the ONLY mandatory field that you need to supply.
        authority: azure_vars.is_AD_B2B ? "https://login.microsoftonline.com/".concat(azure_vars.resource_id.tenantId) : b2cPolicies.authorities.signUpSignIn.authority , // Defaults to "https://login.microsoftonline.com/common"
        knownAuthorities: [b2cPolicies.authorityDomain], // Mark your B2C tenant's domain as trusted.
        redirectUri: redirectId[0], // test with different routes // Points to window.location.origin. You must register this URI on Azure portal/App Registration.
        postLogoutRedirectUri: redirectId[0], // Indicates the page to navigate after logout.
        navigateToLoginRequestUrl: true, //need to check this false // If "true", will navigate back to the original request location before processing the auth code response.
    },
    cache: {
Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
6,031 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,318 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,187 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,454 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Shweta Mathur 29,446 Reputation points Microsoft Employee
    2023-11-29T07:38:40.71+00:00

    Hi @Lakhan Shrivastav ,

    Thanks for reaching out.

    Passing dynamic value in MSAL configuration can be achieved using APP_INITIALIZER

    https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/1403

    However, B2C is separate tenant and won't allow B2C users to authenticate in Azure AD/Microsoft Entra. Alternatively, you can leverage B2C to configure Azure AD/Microsoft Entra as IDP to allow users from Entra tenant to authenticate.

    Hope this will help.

    Thanks,

    Shweta

    0 comments No comments