question

MSG160-9033 avatar image
0 Votes"
MSG160-9033 asked MSG160-9033 edited

Azure B2B - authorization code variable length for Google.com federated auth

Hi,

We are using Azure B2B external identities to allow access to partners to an internal application that supports OAUTH2+OpenID Connect. We are seeing variances in the authorization code sent back to the redirect URI of our app when using B2B - this seems to be when using Google.com for signing in to B2B. Guest accounts can sign up using Google.com as a provider. The internal app (its a third party app) seems to have a limit in the length of the authorization code it accepts.

In most cases this hasn't been an issue. We are usually getting back an authorization code of around 1860 chars, plus state and session_state params of 36 chars each (guid). However, with certain Google.com accounts, the authorization code passed to the redirect URI is 1966 chars and causes an issue with our internal app.

I just wanted to understand why there could be variations in length of the authorization code passed to the redirect_uri of our app for some google.com federated domains and not others. I assumed there would be some consistency in the length of the code being passed in by B2B when sign-in is completed.

I can't seem to find any documentation around this.

Thanks

azure-ad-b2b
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers