Azure Adb2c External IDP Authentication Browser Back Button Click redirects to External IDP Again

Logesh Palani 1 Reputation point MVP
2024-05-07T09:47:53.4+00:00

We have AD B2C Authentication with .NET 8 MVC Web Application. We configured Open Id Provider with Custom Policy in Adb2c. The authentication is working successfully. But the problem is, after the External IDP successful authentication, the provider redirects to the web site. Now User clicks on browser back button, the site redirect to external idp, because the history is there in the window (single and multiple click applicable). On multiple click adb2c shows bad request, because session is already exist in the browser window.

Info: we disabled the External IDP SSO login for force login every time, since adb2c manages the users session.

Web site => Adb2c + External IDP => Successful Authentication => Redirects to Web Site => Web Site => Browser Back Button (Single Or Multiple click) <= External Idp or Adb2c Bad Request.

Is there any way to restrict the redirection to external idp or adb2c bad request, I tried the browser back button click disable, that didn't help.

is there any way to handle this adb2c bad request in asp.net core mvc.

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,241 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,850 questions
{count} votes