How can we improve Azure Active Directory?

Add support for Resource Owner Password Credentials flow in Azure AD B2C and headless authentication in Microsoft Authentication Library

Add support for Resource Owner Password Credentials flow in Azure AD B2C and headless authentication in Microsoft Authentication Library, just like Azure AD and Active Directory Authentication Library has.

The Azure AD B2C page has been saying 'Get tokens using a username & password with the OAuth 2.0 Resource Owner Password Credentials Flow (coming soon)' since September 2015.
https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-reference-protocols/

310 votes
Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)

We’ll send you updates on this idea

Nn Svensson shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

64 comments

Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
Submitting...
  • William Noel commented  ·   ·  Flag as inappropriate

    I've waited literally years for items on this backlog to be completed.

    Given the rate of progress on this item, it's reasonable to assume that we will see more delays rather than an on schedule delivery.

    Gotta go with what works now, and that's Google.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I've successfully tested this. Do you have any news then it will be in GA? Thank you!

  • Rasmus commented  ·   ·  Flag as inappropriate

    What is the timeline for this, I need it for an app currently under development. I would be sad to have to move to another provider as this feature is essential for our app.

  • Coding Panda commented  ·   ·  Flag as inappropriate

    What is the timeline for this feature to transition from Preview to Release (General Availability)

  • Chris Brawley commented  ·   ·  Flag as inappropriate

    I am implementing ROPC for our mobile app and successfully have authenticate and refresh working. Is API support planned for create account, password reset and edit profile via this API?

    I need these capabilities to round out our mobile only experience for our end customers.

  • Naveen Nagaraju commented  ·   ·  Flag as inappropriate

    We make use of AD username and password for authenticating the Users using Silent Sign in mechanism through AAD, where External apps makes a call to Web API[Authentication] with the valid credentials which will be inputted by user on 3rd party app UI[Login page], 3rd party app will make a call to Custom Web API[Authentication] will in turn makes a call to GraphAPI services to get the used authenticated where if successfully authenticated user will be issued with a Token.
    It works Good for Internal Users , but when user is registered as guest user it fails though we are making an attempt for user to create new password on AAD.
    This feature is working good using Microsoft sign-in page , but when we make a call to Graph API using silent sign in it fails .
    This is the bare minimum feature which has to be provided for AAD services[Graph API etc] for supporting authentication mechanism , Can we get this Fixes in near releases , which will empower Application’s user AAD as a single platform for any authentication mechanism .

  • tourili commented  ·   ·  Flag as inappropriate

    I`m experiencing a limitation problem here when asking scope for both the app id and its own scopes:

    "error": "invalid_request",
    "error_description": "AADB2C90146: The scope 'openid 681ab7b4-2145-4dc9-b457-dcd5ae220b73 offline_access https://myB2C.onmicrosoft.com/api/sb.read'; provided in request specifies more than one resource for an access token, which is not supported.\r\nCorrelation ID: 8d958e72-8db2-41c2-8fbf-78d671dd894e\r\nTimestamp: 2018-06-07 20:33:20Z\r\n"

    (https://github.com/MicrosoftDocs/azure-docs/issues/9885)

  • Wojciech Turowicz commented  ·   ·  Flag as inappropriate

    I did manage to get tokens to be used in my APIs but the 'kid' validation fails. Is this a known feature? Don't really want to have to disable signature validation :/

← Previous 1 3 4

Feedback and Knowledge Base