We created a new instance of Azure AD B2C (Entra). I am able to include the azuread dependency and provide config for client-id, secret, tenant-id.
When attempting to log in, I do get a token returned. The second step looks like it is making a call to https://graph.microsoft.com/v1.0/users/<user-id>. In this case, the user-id is the email address the user provided at login. But I get a 404 returned. Talking with Microsoft, they said I cannot use an email address as the identifier for this endpoint. I can only use a UPN or Object Id of the user. Both are cryptic hash values and would require that I store a mapping of either of those values to email address, then possibly have a Groovy transformation to replace user-id with the object id value. Has this feature been tested, and is there a confirmed solution? I'm trying to figure out if there is a config issue on the CAS side, a setup issue on this new Azure AD B2C instance, or if the feature is not working yet in CAS.

Thanks.
-psv
