docs(b2c): enhance access token request documentation for Azure AD B2C#128560
docs(b2c): enhance access token request documentation for Azure AD B2C#128560tanvishinde017 wants to merge 8 commits into
Conversation
docs(b2c): enhance access token request documentation for Azure AD B2C
|
@tanvishinde017 : Thanks for your contribution! The author(s) and reviewer(s) have been notified to review your proposed change. |
|
Learn Build status updates of commit 9178c92: 💡 Validation status: suggestions
articles/active-directory-b2c/access-tokens.md
For more details, please refer to the build report. Note: Your PR may contain errors or warnings or suggestions unrelated to the files you changed. This happens when external dependencies like GitHub alias, Microsoft alias, cross repo links are updated. Please use these instructions to resolve them. |
PRMerger Results
|
Update redirection entries in ansible.json
|
Learn Build status updates of commit 3e8e035: 💡 Validation status: suggestions
articles/active-directory-b2c/access-tokens.md
For more details, please refer to the build report. Note: Your PR may contain errors or warnings or suggestions unrelated to the files you changed. This happens when external dependencies like GitHub alias, Microsoft alias, cross repo links are updated. Please use these instructions to resolve them. |
PRMerger Results
|
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Updates the Azure AD B2C access token request documentation to be clearer and more structured for developers requesting tokens for web apps and web APIs.
Changes:
- Reworked the end-of-sale notice and improved readability of the introductory notes.
- Expanded scope explanation with clearer examples and formatting.
- Improved the authorization code + token exchange walkthrough, including tool suggestions and response sections.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| > [!NOTE] | ||
| > Azure Active Directory B2C is approaching end of sale. See the Azure AD B2C end-of-sale announcement for more information. |
| | Placeholder | Description | | ||
| |-------------|-------------| | ||
| | `<tenant-name>` | Name of your Azure AD B2C tenant. If you're using a custom domain, replace `tenant-name.b2clogin.com` with your custom domain. | | ||
| | `<policy-name>` | Name of your user flow or custom policy. | | ||
| | `<application-ID>` | Application (client) ID of the web application. | | ||
| | `<application-ID-URI>` | Application ID URI configured under **Expose an API**. | | ||
| | `<scope-name>` | Scope name configured under **Expose an API**. | | ||
| | `<redirect-uri>` | Redirect URI registered for the application. | |
| ## Example decoded access token | ||
|
|
||
| When you inspect the token using `https://jwt.ms`, the payload resembles: | ||
|
|
|
Can you review the proposed changes? This content requires automated and human checks available only in the private repository. Please close this PR ( #label:"aq-pr-triaged" |
|
Learn Build status updates of commit 94af2d6: ❌ Validation status: errorsPlease follow instructions here which may help to resolve issue.
For more details, please refer to the build report. Note: Your PR may contain errors or warnings or suggestions unrelated to the files you changed. This happens when external dependencies like GitHub alias, Microsoft alias, cross repo links are updated. Please use these instructions to resolve them. |
|
Learn Build status updates of commit 90244d9: ❌ Validation status: errorsPlease follow instructions here which may help to resolve issue.
For more details, please refer to the build report. Note: Your PR may contain errors or warnings or suggestions unrelated to the files you changed. This happens when external dependencies like GitHub alias, Microsoft alias, cross repo links are updated. Please use these instructions to resolve them. |
|
Learn Build status updates of commit 5844e64:
|
| File | Status | Preview URL | Details |
|---|---|---|---|
| articles/active-directory-b2c/access-tokens.md | Details | ||
| README.md | ✅Succeeded | ||
| redirects/.openpublishing.redirection.ansible.json | ✅Succeeded |
articles/active-directory-b2c/access-tokens.md
- Line 9, Column 1: [Warning: yaml-duplicate-key]
Key 'ms.service' is already defined, remove the duplicate key. - Line 9, Column 1: [Warning: yaml-duplicate-key]
Key 'ms.service' is already defined, remove the duplicate key.
For more details, please refer to the build report.
Note: Your PR may contain errors or warnings or suggestions unrelated to the files you changed. This happens when external dependencies like GitHub alias, Microsoft alias, cross repo links are updated. Please use these instructions to resolve them.
|
Great improvement to the access token docs! While reviewing this PR, I noticed an additional gap worth addressing in the same section: the authorization code flow examples are missing PKCE ( Why it mattersPKCE (Proof Key for Code Exchange) is required for public clients (SPAs, mobile apps) under OAuth 2.1, and strongly recommended for all authorization code flows. As-is, the doc teaches a pattern that Microsoft's own security guidance flags as a risk — an intercepted authorization code can be exchanged without Suggested additionStep 1 — Generate a code verifier and challenge (add before the authorize request) import os, hashlib, base64
code_verifier = base64.urlsafe_b64encode(os.urandom(32)).rstrip(b'=').decode()
code_challenge = base64.urlsafe_b64encode(
hashlib.sha256(code_verifier.encode()).digest()
).rstrip(b'=').decode()Step 2 — Authorization request (add Step 3 — Token request (add Also worth noting: the example token response in the doc omits Happy to contribute these changes directly if it helps move this PR forward. |
@tanvishinde017 Can you respond to the requested changes? @kushdab - When the changes are ready for publication, adding a #label:"aq-pr-triaged" |
No description provided.