question

SeanKilleen avatar image
0 Votes"
SeanKilleen asked azure-cxp-api edited

How to add additional header information to Azure B2C REST call?

Hi all,

I am attempting to call an API with Azure B2C during a user journey. The API I'm calling requires two headers to be present -- a client ID and a client secret.

When I define both the client_id and client_secret values within <CryptographicKeys>, I receive an error that only one key is expected for ApiKeyHeader authentication type. So it appears I cannot provide multiple headers this way.

Is there a way to allow multiple headers in this way? Or alternatively, is there some other way I'm unaware of where I can provide the client ID as a header without referencing it as a key, since it doesn't need to be secured in my case?

My technical profile currently looks like this (scrubbed of identifying information)

<TechnicalProfile Id="Call-Workflow-On-Registration">
          <DisplayName>Call Workflow for User upon Registration</DisplayName>
          <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
          <Metadata>
            <!-- TODO: Remove ngrok URL in favor of actual URL. The ngrok URL forwards to the listening developer's machine so we can examine calls. -->
            <Item Key="ServiceUrl">http://scrubbed.ngrok.io/users/registrationRequests</Item>
            <Item Key="AuthenticationType">ApiKeyHeader</Item>
            <Item Key="SendClaimsIn">Body</Item>
            <Item Key="ClaimUsedForRequestPayload">workflowRequestBody</Item>
            <Item Key="DefaultUserMessageIfRequestFailed">Cannot process your request right now, please try again later. (Reference ID: 1827346)</Item>
          </Metadata>
          <CryptographicKeys>
            <Key Id="client_id" StorageReferenceId="B2C_1A_WorkflowClientIdNonProd" />
            <Key Id="client_secret" StorageReferenceId="B2C_1A_WorkflowClientSecretNonProd" />
          </CryptographicKeys>
          <InputClaimsTransformations>
            <!-- This generates the JSON body using the user's object ID -->
            <InputClaimsTransformation ReferenceId="GenerateWorkflowBody" />
          </InputClaimsTransformations>
          <InputClaims>
            <!-- This claim is provided by the InputClaimsTransformation -->
            <InputClaim ClaimTypeReferenceId="workflowRequestBody" />
          </InputClaims>
          <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
        </TechnicalProfile>
azure-ad-b2c
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi, we are investigating your issue and will update you shortly.

Best,
James

0 Votes 0 ·

1 Answer

SeanKilleen avatar image
0 Votes"
SeanKilleen answered soumi-MSFT commented

Hi all,

To get around this, I ended up having to proxy the request. It looks like there's a limitation on Azure B2C to allow multiple claims. I was able to modify the endpoint I'm integrating with to ensure it can work with this setup.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @SeanKillean, Yes, you are correct, that a limitation, and hence it's not possible.

0 Votes 0 ·