MSAL with Azure AD B2C and Single Sign On

2019-04-10 01:24发布

I'm working on a system with a few Angular 4 SPAs each talking to a separate Asp.NET Core 2.0 WebAPI.

Azure AD B2C is being used as the identity service for each SPA/API, and MSAL.js as part of our Angular SPAs.

We want to support Single Sign-on to prevent the user needing to re-enter credentials when switching from one SPA to another.

Is it possible to get single sign-on behavior using msal.js v0.1.7?

1条回答
【Aperson】
2楼-- · 2019-04-10 01:51

SSO with MSAL.js is possible. For browser-based apps you achieve SSO through cookies/sessions rather than tokens/token management. Please refer to the Github library. MSAL.js allows you to use acquireTokenSilent() to use a valid cookie via hidden iframe.

That said, the recommended way to do this is by using Azure KMSI with custom policies. This is because browser-based applications don't always keep users logged in and things like password changes can invalidate a user session.

查看更多
登录 后发表回答