{"id":39760,"date":"2020-07-23T06:00:38","date_gmt":"2020-07-23T13:00:38","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/premier-developer\/?p=39760"},"modified":"2020-07-20T09:09:17","modified_gmt":"2020-07-20T16:09:17","slug":"using-oauth2-obo-with-azure-ad-b2c","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/premier-developer\/using-oauth2-obo-with-azure-ad-b2c\/","title":{"rendered":"Using OAuth2 OBO with Azure AD B2C"},"content":{"rendered":"<p>In this post, Consultant <a href=\"https:\/\/www.linkedin.com\/in\/marius-r-30200687\/\">Marius Rochon<\/a> gives an implementation of <a href=\"https:\/\/tools.ietf.org\/html\/rfc6749#section-4.5\">OAuth2 Extension Grants<\/a> (OBO) using Azure AD B2C.<\/p>\n<hr \/>\n<p>Currently, Azure B2C does not support the extension grant. This sample uses a custom web service (B2BOBOWeb) to provide a token endpoint, which handles the Extension Grant requests and communicates with B2C to respond with a valid response (access token). It uses a specific B2C tenant configured with custom journeys to handle this communication.<\/p>\n<p><strong>Note:<\/strong>\u00a0this sample code, not intended for production use.<\/p>\n<p>Get the sample code <a href=\"https:\/\/github.com\/mrochon\/b2cobo\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This sample uses a custom web service (B2BOBOWeb) to provide a token endpoint, which handles the Extension Grant requests and communicates with B2C to respond with a valid response (access token). It uses a specific B2C tenant configured with custom journeys to handle this communication.<\/p>\n","protected":false},"author":582,"featured_media":37840,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[80,25,1,96],"tags":[69,1131,289],"class_list":["post-39760","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-net","category-azure","category-permierdev","category-security","tag-azure-ad","tag-b2c","tag-oauth2"],"acf":[],"blog_post_summary":"<p>This sample uses a custom web service (B2BOBOWeb) to provide a token endpoint, which handles the Extension Grant requests and communicates with B2C to respond with a valid response (access token). It uses a specific B2C tenant configured with custom journeys to handle this communication.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/posts\/39760","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/users\/582"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/comments?post=39760"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/posts\/39760\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/media\/37840"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/media?parent=39760"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/categories?post=39760"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/premier-developer\/wp-json\/wp\/v2\/tags?post=39760"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}