active-directory-b2c-javascript-msal-singlepageapp | single page application calling a Web API | Azure library

I am experimenting with the following example: active-directory-b2c-javascript-msal-singlepageapp. I am able to get signed in. However I am getting User 'undefined' logged-in.

I get this on both the Azure b2c instance I created as well as the example. Is there a property that needs to be set somewhere? For example I noticed that the client side code contains scopes:

const loginRequest = { scopes: ["openid", "profile"], };

Do I set to set these properties somewhere in azure?

I'm trying to use Azure Active Directory B2C for my authentication flow for an SPA with a Node JS API. I'm using the code samples provided in the official tutorials (https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp and https://github.com/Azure-Samples/active-directory-b2c-javascript-nodejs-webapi). I've set up everything correctly as far as I know, and I've created Facebook and Google IDP registrations according to the documentation provided. I've set up the b2cPolicies using the default SignUpSignIn User Flow, so there's really nothing to configure there except to specify that I'm using email, Google and Facebook. I'm able to authenticate into Azure's sample SPA with both Google and Facebook without issue, the id_tokens are fine. When I click the button to access the /hello endpoint from the sample API, only the email and Facebook flows produce the correct access_token from the myMSALObj.aquireTokenSilent call, however, when using Google, the "Choose an Account" popup appears a second time. When I'm only logged into a single account, it appears briefly and vanishes again, but when logged into multiple accounts, I have to select one again. This is kind of a terrible user experience, is there some way around this?

I am working with react and I have to give my user login through Azure B2C, So I am trying to do that but I am not able to find out how to do that and what is the.

What I have tried

1. I got this example from Microsoft site which is done using plain JavaScript (vanilla), I have no idea how I will implement this in my react code.

So I tried to move with some react library, I google around and found This library

I have followed the same code they have written, but when I hit login button it takes me to login page of azure, So in my app.js I am doing console.log(authentication.getAccessToken()); after login it throws null, I don't know why

My code

I am using the Single-Page Application built on MSAL.js with Azure AD B2C together with the A B2C IEF Custom Policy - Sign Up and Sign In with 'Terms of Use' prompt and a custom RestAPI profile to enrich the output claims.

Everything seems fine until I press the "Call API" button of the application, which prompts the "I agree to the Terms of Service" popup:

This should not be happening, as the latest ToS were agreed upon signup. The same happens if I logout and login again. So somehow aquiring the access token prompts the same popup.

I believe that this prompt should be displayed only on signin anyway (i.e. when acquiring an id token), so something is not quite right with my setup.

Btw, the id token looks fine to me:

How could I fix this?

This is the custom policy that I am using:

Google's chrome browser update from 84.0.4147.89 to 84.0.4147.105 has broken MSAL login (authentication) in Incognito window for our application.

To verify that there is no issue with our application, I have tried Azure AD B2C login with the starter pack in Incognito browser and I see the same behavior. Has anyone experienced the same issue?

A similar issue was posted in the past by few developers. But the solution provided doesn't help. https://support.google.com/chrome/thread/38855209?hl=en

FYI: Login works as expected in Chrome regular browser and other browsers

Starter pack details: https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp

Starter pack has msal 1.3.3 version. Couple of days ago, 1.3.4 version has been released and I tried that as well. I see an error during acquiretokensilent(CallApi) in incognito while I don't get the same exception in regular window

The only difference between starter pack and our application is that we call acquiretokensilent immediately after the login is successful but in the starter pack acquiretokensilent is called on a button click(CallApi)

I'm trying to run the sample

https://github.com/Azure-Samples/active-directory-b2c-javascript-msal-singlepageapp

Part 1 works fine. I'm trying Part II with my own Azure AD B2C.

I updated policies.js file with the URL from my signup user flow and authconfig.js with my application id.

I have Azure function, which use Azure Active Directory B2C for authentication. I use SignUpSignIn flow for login and registration. When "Forgotten password" is clicked in Login dialog, AAD by design returns error code AADB2C90118 to callback redirect (described here). Azure function ends with "You do not have permission to view this directory or page." error.

How can i handle behavior of Azure function app to our own ResetPassword flow?

I'm thoroughly mystified by the b2cScopes attribute which is used when instantiating the Microsoft Authentication Library in the B2C use case for ASP.NET Core 3.1. Here's the canonical example, where confusingly the sample code doesn't actually implement a helloapi or a demo api: