Hi @Giedrius Stasiulis ,
Thanks for reaching out.
I would like to be able to distinguish different "error code" situations, taking into account MFA. So far I have been able to capture when user cancels/closes the authentication window - which throws MsalClientException with an error code authentication_canceled.
The idea behind getting these errors is to catch them, and redirect the user where you want - for example sign-up or sign-in page, etc. The error is handled by the application based on the code sent back. For example, in an MVC app in the startup.auth.cs add the following to tell the application where to send the user.
```csharp
// Usings needed in Startup.Auth.cs: System, System.Threading.Tasks,
// Microsoft.Owin.Security.Notifications, Microsoft.Owin.Security.OpenIdConnect and
// Microsoft.IdentityModel.Protocols.OpenIdConnect (Microsoft.IdentityModel.Protocols in older packages).

/*
 * Catch any failures received by the authentication middleware and handle appropriately
 */
private Task OnAuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
{
    notification.HandleResponse();

    // ErrorDescription can be null, so read it once and guard every use of it
    string description = notification.ProtocolMessage.ErrorDescription ?? string.Empty;

    // Handle the error code that Azure AD B2C throws when trying to reset a password from the login page,
    // because password reset is not supported by a "sign-up or sign-in policy"
    if (description.Contains("AADB2C90118"))
    {
        // If the user clicked the reset password link, redirect to the reset password route
        notification.Response.Redirect("/Account/ResetPassword");
    }
    // Added to redirect to the Home page when pressing the Cancel button
    else if (notification.ProtocolMessage.Error == "access_denied" &&
             description.StartsWith("AADB2C90091"))
    {
        notification.Response.Redirect("/Home/Index");
    }
    else if (notification.Exception.Message == "access_denied")
    {
        notification.Response.Redirect("/");
    }
    else
    {
        // URL-encode the message so its content cannot alter the query string of the error page
        notification.Response.Redirect("/Home/Error?message=" +
            Uri.EscapeDataString(notification.Exception.Message));
    }

    return Task.FromResult(0);
}
```
Reference of error codes - https://learn.microsoft.com/en-us/azure/active-directory-b2c/error-codes
Is there a way to get more detailed error information (like the one from Fiddler) from an exception that is thrown by AcquireTokenInteractive in such a case?
You can use Application Insights to extract error details in your B2C application.
Application Insights provides a way to track and analyze telemetry data from your application, including exceptions and other errors. You can use Application Insights to track exceptions and errors that occur in your B2C application, and then analyze the data to identify and fix issues.
Reference - https://github.com/azure-ad-b2c/vscode-extension/blob/master/src/help/app-insights.md
This will provide you with details of which user journey invoked this error.
Hope this will help.
Thanks,
Shweta
Please remember to "Accept Answer" if the answer helped you.
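
The following is an added example, not part of the answer above or of any Microsoft sample: it pulls the AADB2C code and the correlation ID out of an error description so the code can select a fixed local route and the correlation ID can be matched against the Application Insights logs. The type names (`B2CError`, `B2CErrorParser`, `Demo`), the `/Home/Error?code=` route and the sample description are assumptions, including the "Correlation ID:" line that the parser expects in the description text.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;

// Hypothetical result type: the parsed code, the correlation ID (null if absent) and the local route.
public sealed record B2CError(string Code, string CorrelationId, string Route);

public static class B2CErrorParser
{
    // Codes on the page have the form "AADB2C" followed by digits, e.g. AADB2C90118.
    private static readonly Regex CodeRx = new Regex(@"\bAADB2C\d+\b", RegexOptions.Compiled);
    // Assumption: the description carries a line "Correlation ID: <guid>".
    private static readonly Regex CorrRx = new Regex(@"Correlation ID:\s*([0-9a-fA-F-]{36})", RegexOptions.Compiled);

    // Fixed, local-only routes: a redirect target is never built from response text.
    private static readonly Dictionary<string, string> Routes = new Dictionary<string, string>
    {
        ["AADB2C90118"] = "/Account/ResetPassword", // reset password link clicked
        ["AADB2C90091"] = "/Home/Index",            // Cancel button pressed
    };

    public static B2CError Parse(string error, string errorDescription)
    {
        string text = errorDescription ?? string.Empty;   // description may be missing
        Match code = CodeRx.Match(text);
        Match corr = CorrRx.Match(text);
        // Fall back to the OAuth error value when no AADB2C code is present.
        string codeValue = code.Success ? code.Value : (error ?? "unknown");
        string route = Routes.TryGetValue(codeValue, out string known)
            ? known
            : "/Home/Error?code=" + Uri.EscapeDataString(codeValue); // only the encoded code is reflected
        return new B2CError(codeValue, corr.Success ? corr.Groups[1].Value : null, route);
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample description, not captured from a real tenant.
        string desc = "AADB2C90091: The user has cancelled entering self-asserted information.\r\n" +
                      "Correlation ID: 00000000-0000-0000-0000-000000000001\r\n" +
                      "Timestamp: 2024-01-01 00:00:00Z\r\n";
        B2CError e = B2CErrorParser.Parse("access_denied", desc);
        Console.WriteLine($"{e.Code} corr={e.CorrelationId} -> {e.Route}");
        // No description at all: falls back to the error value and the generic error route.
        Console.WriteLine(B2CErrorParser.Parse("server_error", null).Route);
    }
}
```

The same `Parse` call can be given the message of an exception caught around `AcquireTokenInteractive`, since it only needs the text that contains the AADB2C code.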