terug naar overzicht


Insight insight

Applicatieontwikkeling Azure

Yuri Burger

+31 6 11 75 16 83


Azure Active Directory B2C With PKCE for Your Angular App

Let’s create and integrate an Angular app with Azure Active Directory Business to Consumers using the Authorization Code with Proof Key of Code Exchange flow.rnrnAlthough this post works with an Angular App, the concepts (including the twists and tweaks) needed to make it work for Azure AD B2C are universal for Single Page Applications. So even if you have Vue or React, this post could be useful.

The twist and tweaks with Azure AD B2C

Up until this point, things are pretty straightforwared. And if you were to run this example on any of the other well known Identity Service Providers, you would be finished after completing the previous part. For Azure AD B2C we need to do some additional configuration and coding to make things work well.

Issue 1: disable strict document validation

The mentioned library uses a feature called strictDiscoveryDocumentValidation by default. This ensures that all of the endpoints provided via the Identity Provider discovery document share the same base URL as the issuer parameter. Azure AD B2C provides different domains or paths for various endpoints and this makes the library fail validation. To use this library with Azure AD B2C we need to disable this document validation.rnrnThere is a property for this in the AuthConfig, just set the “strictDiscoveryDocumentValidation: to “false”