CarlosBarragan-5927 asked bhushangawale edited

Userinfo endpoint test

Hi,

I did the configurations in the document https://docs.microsoft.com/en-us/azure/active-directory-b2c/userinfo-endpoint?pivots=b2c-custom-policy.
When I get to the testing part and I use Postman I get a 401 Unauthorised. So, I cannot test my endpoint. I'm trying to use it with Salesforce as SP. In Salesforce, after introducing the username and password, I get the error "We can’t log you in because of an authentication error.".

Does anyone know what's happening and how to test the endpoint?

Thanks

azure-ad-b2c

This error often means that the access token may be missing in the HTTP authenticate request header or that the token is invalid or has expired.

Not sure if this is related, but I saw a similar issue where someone said that you should not specify the UserInfo endpoint on the Auth. Provider in Salesforce unless it’s used for Single-Sign-On AND you are not specifying an App Registration in the Scopes-field.

This blog post says:

"If you specify an 'App Registration scope' in the Scopes-field and specify the UserInfo endpoint Salesforce will attempt to read from the UserInfo endpoint following successful authentication using the obtained access token which will fail because the access token is only valid for the intended API."




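A local triage for the 401 causes named in the comment above (missing header, invalid or expired token, token issued for a different API), as an added example that is not part of the original thread. The function names, the audience values `client-app-id` and `api-app-id`, and the unsigned sample tokens are constructed assumptions for illustration.

```python
import base64, json, time

def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into JSON."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def make_sample_token(claims):
    """Build a constructed, unsigned JWT-shaped string for the demo."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed-sig"

def triage_userinfo_401(authorization_header, expected_audience, now=None):
    """List likely reasons a UserInfo call is rejected with 401.

    Claims are read WITHOUT verifying the signature: this is a local
    diagnostic aid, never an authorization decision.
    expected_audience is an assumption: the audience your UserInfo
    policy is configured to accept.
    """
    now = time.time() if now is None else now
    if not authorization_header:
        return ["missing Authorization header"]
    scheme, _, token = authorization_header.partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        return ["header is not 'Bearer <access_token>'"]
    parts = token.strip().split(".")
    if len(parts) != 3:
        return ["token is not a three-part JWT"]
    try:
        claims = b64url_json(parts[1])
    except ValueError:  # bad base64, bad UTF-8 or bad JSON
        return ["token payload is not base64url-encoded JSON"]
    if not isinstance(claims, dict):
        return ["token payload is not a JSON object"]
    findings = []
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        findings.append("token expired or has no exp claim")
    aud = claims.get("aud")
    if expected_audience not in (aud if isinstance(aud, list) else [aud]):
        findings.append(f"aud {aud!r} does not match {expected_audience!r}")
    return findings

if __name__ == "__main__":
    # Constructed sample: a live token whose audience is a downstream API.
    tok = make_sample_token({"aud": "api-app-id", "exp": time.time() + 600})
    print(triage_userinfo_401(f"Bearer {tok}", "client-app-id"))
```

An empty result only means the header shape, `exp` and `aud` look plausible; the endpoint still validates the signature and issuer itself.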
SureshBabu-6952 answered SureshBabu-6952 published

@CarlosBarragan-5927, did you manage to get this solved? I have been having a very hard time getting this to work with Salesforce as SP and B2C as IDP. Can you please let me know if you managed to get that working?


bhushangawale answered bhushangawale edited

Has anyone managed to resolve this? Facing a similar error in one of the Azure AD B2C environments, where the UserInfo endpoint continues to throw a 401 Unauthorized error even after presenting a valid access token to it.

Must admit that there is a huge scope for improvement when it comes to the overall documentation of Azure AD B2C, specifically around custom policies (which is not a very user-friendly way to customize user journeys and experience) and also a lot of third-party integrations where B2C could act as IDP, e.g. Salesforce. If something can be done to make the UserInfo endpoint available natively in B2C, it would resolve half of the issues associated with getting the UserInfo endpoint working for AAD B2C.

Any input on the original issue would be appreciated. Thanks!
