how to get unique session Id from azure b2c sign-in

Question

I am using azure b2c with web app integration with cookie based authentication. I am using standard sign-in user flow and i want to get unique session for every login so that i can tie up with customer journey and tracking for each login session. Also I have observed that If i delete all the cookie from the web app still the customer is logged in even though the request doesn't have any cookie and on the server side I am getting all the claim of the customer. So how does this authorization flow work as there are no cookie and bearer token in the header

Answer 1

Hello @Anonymous ,

I believe you have asked the same query on Stackoverflow it seems. Incidentally I was also searching for similar question and I stumbled on the question here.

Disclaimer :- The following answer is provided for the benefit of the QnA community and was originally written by Brando Zhang on Stackoverflow.

If you want to get a session id in your application, you could refer to below codes:

Firstly, you should register the session in the startup.cs ConfigureServices method.

services.AddSession(options =>  
{  
    options.IdleTimeout = TimeSpan.FromSeconds(10);  
    options.Cookie.HttpOnly = true;  
    options.Cookie.IsEssential = true;  
});  

and add usesession method in the Configure method:

    app.UseSession();   

Secondly, you could get the session id in controller:

    var re = HttpContext.Session.Id;  

Notice: If you don't set any session in your controller, the sessionid will change for every request which sent from client side.

For detailed discussion around this . Please visit the original query on stackoverflow.

.