Azure AD B2C, no UserInfo URL
Hello, we're trying to integrate Talkyard OIDC with our backend B2C tenant and B2C doesn't support the UserInfo URL. I've noticed in some other OIDC integrations, there is a property to not require the UserInfo URL during OIDC authentication. I don't see anything like that in the TalkYard documentation. Is there anyway to make the UserInfo URL optional?
- 2 replies
There's currently no way to do that. It'd be simple to add a setting for that. Talkyard already skips the user info request, if it notices it's Azure, but maybe this works for B2B only, not B2C.
in some other OIDC integrations, there is a property to not require the UserInfo URL during OIDC authentication
Ok, then I suppose it'd be good with such a skip-user-info-request setting in any case.
Maybe will have fixed this some time next week or the week after that. (The time consuming thing would be to verify that it actually works, & auto tests.)
(It's "Talkyard" not "Yardtalk" :- ))
- KIn reply tokumaichi⬆:@kumaichi
Thanks for your response, sorry about the spelling error, I will correct. I started looking at the Ty code and I see the UserInfo call is ignored if Ty has everything it needs in the id_token. I believe what is happening, the OpenAuthDetails class has 6 required fields and I'm thinking the issue is the B2C id_token returns a list of emails instead of just one email, so that would definitely fail the required check. We're going to try and get the id_token to return just one email and see if that gets us anywhere. Thanks again for your help!