2

I followed the example of AuthExample that uses Custom Chrome Tabs with Azure AD B2C policies.

I do not find any resources on how to style the custom chrome tab (and respectively the Safari controller). The tab always shows the URL in the header and the standard colors which does not look very native.

I know I can style the page content itself within Azure portal.

Can anyone guide me to links or tutorials on how to style the browser view to adapt to my app design and at least not show the Microsoft URL when the user signs in/up. In my opinion the user shouldn't even notice he is redirected to a browser tab.

The beforementioned link suggests, that it is possible to at least hide the URL bar at local sign in / sign up. For third-party identity providers it isn't a problem to get redirected to another (identity provider owned) site. Preview Images from sample link

Creepin
  • 482
  • 4
  • 20

1 Answers1

3

It is not possible to remove the URL in the Xamarin control.

The ideal way to achieve full UI customization is to use the OAuth Resource Owner Password credential flow. This will allow you to build your own UI and not leverage a web view (aka Custom Chrome Tabs and Safari controller) for local account. Keep in mind that for 3rd party identity providers like Facebook and Google, there is no way around the web view and the URL in the header. This is by design and a key security requirement to prevent phishing.

At this time, this flow is not supported in Azure AD B2C. You can support this ask and stay up to date on its status by voting for it in the Azure AD B2C feedback forum: Add support for Resource Owner Password Credentials flow

Saca
  • 10,355
  • 1
  • 34
  • 47
  • While this would be a workaround to fully customize UI for local sign up / sign in, I thought it must be possible with the current client workflow. The images at the sample page [Auth Sample](https://developer.xamarin.com/samples/xamarin-forms/WebServices/TodoAzureAuthADB2CClientFlow/) suggest that the URL bar is hidden at least at local sign in page. I attached the images to the original question. Do you have any clue if the images suggest something wrong or how they achieved that? – Creepin Nov 26 '17 at 08:56
  • I suggest they are screenshots from an earlier release of the Azure Active Directory Authentication Library that embed the web view. – Chris Padgett Nov 29 '17 at 08:34
  • Is this just suggesting or also knowing? ;) – Creepin Nov 29 '17 at 20:00
  • It's a guess, though not an unreasonable one :) – Saca Nov 29 '17 at 22:48
  • ROPC is now available as preview: https://learn.microsoft.com/en-us/azure/active-directory-b2c/configure-ropc?WT.mc_id=b2c-twitter-masoucou MSAL will support it from 4.1-preview (Sept 2018 / (In progress)): "Support for Integrated Windows Auth (IWA) and Username/password ROPCG)" (Roadmap: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki) – Creepin Sep 12 '18 at 19:41
  • @Creepin where have you found documentation for customizing the nav-bar? – Marilee Turscak - MSFT Jan 04 '19 at 20:34
  • @MarileeTurscak-MSFT What exactly do you mean? – Creepin Jan 05 '19 at 01:48