active-directory-aspnetcore-webapp-openidconnect-v2 icon indicating copy to clipboard operation
active-directory-aspnetcore-webapp-openidconnect-v2 copied to clipboard

Published 20 hours ago verified publisher icon Azure-Samples

Is any OIDC provider supported? The language throughout doesn't indicate if it's Microsoft-specific

Open davidfordaus opened this issue 4 years ago • 4 comments

This issue is for a: (mark with an x)

- [ ] bug report -> please search issues before submitting
- [ ] feature request
- [ X ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

The issue was found for the following scenario:

updated diagram

  • Is this connector for ANY OIDC supplier such as Auth0 or Okta - is will it only work with Azure AD ?
    • If it is Microsoft-only then the main introductory content MUST make that clear. Indeed, other help content should reference Azure AD rather than generic OIDC.
  • Why does the social login feature only use ADB2C? The fact that this appears to require the Azure ADB2C component is not clear from the diagram and is therefore somewhat ambiguous.
    • Is ADB2C required or is it optional?
    • If it IS required then the diagram should make the requried ADB2C component clear. We have attached an updated diagram indicating this.

Cheers - we are trying to clarify the documentation and remove ambiguity. Thank you.

davidfordaus avatar Feb 11 '21 04:02 davidfordaus

Thanks @davidfordaus Yes, this sample only features the Microsoft.Identity.Platform (Azure AD, and Azure AD B2C) Azure AD B2C is a proxy for social identities. It's now one of the way by which you want to sign-in users with social identities (but also other kind of identities), the other being external identities. B2C is the way featured here.

cc; @mmacy @kalyankrishna1

jmprieur avatar Feb 11 '21 08:02 jmprieur

Yet OIDC is a standard platform, and ADB2C can be used for other purposes besides purely social proxy. Can I request that the diagram and text of these examples is updated to clarify your words above:

  • That this is "OIDC for Azure AD" only - an update of the title to "Chapter - Enable your Web app to sign-in users using the Microsoft Identity Platform and Azure AD" would likely suffice
  • ADB2C is a required architectural component for social login
    • Preferentially update the architecture diagram provided to include the requirement for ADB2C as a component
  • Also preferentially update the diagram to include the requirement for Azure AD

I don't believe that the minor changes to the documentation as above create any confusion. As this is a linked example for "OIDC login" from multiple web pages, it helps to clarify for developers landing on this page (example) that Azure AD at a minimum is required and Azure AD B2C for social are required.
Estimated effort for the above wording changes is at approximately 30 minutes including review. I have attached an updated diagram and am happy to provide a further updated version if required. adb2c

davidfordaus avatar Feb 11 '21 10:02 davidfordaus

@davidfordaus : do you want to propose a pull request?

jmprieur avatar Feb 11 '21 10:02 jmprieur

Shall do - I'll organise it tomorrow. Many thanks.

davidfordaus avatar Feb 11 '21 12:02 davidfordaus

PR attended to , so closing issue

kalyankrishna1 avatar Nov 29 '22 22:11 kalyankrishna1