Back to app in response to AD B2C policies from browser

OlekOlek UAMember

I need to implement password reset feature in my app. I tried to show policy ui in WebView but it doesn't work(https://forums.xamarin.com/discussion/84388/android-webview-shows-empty-page-on-emulator/p1?new=1) .So I decided to show policy in browser by opening the link. It works but ends up with error message about unknown url scheme. Doesn't look nice. I tried to set deep linking so when last step of password change policy is completed and AD redirects user to redirect link my app will show up instead of browser window with error. But it doesn't work also. Redirect link in AD application looks like: "urn:ietf:wg:oauth:2.0:oob" and in response to pwd change policy I get something like:
urn:ietf:wg:oauth:2.0:oob#id_token=eyJ...
To handle it I added intent filter attribute:
[IntentFilter(new []{ Intent.ActionView },
        Categories = new []
        {
            Android.Content.Intent.CategoryDefault,
            Android.Content.Intent.CategoryBrowsable
        },
        DataScheme = "urn:ietf:wg:oauth:2.0:oob)]

theoretically I can create real web page and feed it to AD application as redirect url and it might work but will look odd. User clicks on button in app, then browser appears, he goes thru validation and etc, confirm pwd and see some web page instead of app.

So is it possible to show my app in response to redirect message?
Do you have suggestions how to perform password reset feature better?

Sign In or Register to comment.