How to sign an Azure AD user into Firebase in a Flutter mobile app?

You can use the Firebase Auth OAuth package for it.

And sign in to Firebase using the Microsoft Auth provider.

User user = await FirebaseAuthOAuth().openSignInFlow(
  "microsoft.com", ["email openid"], {'tenant': 'your-tenant-id'});

This integrates nicely with Firebase, so Firebase authStateChange also works with this method.

Author by

Jannie Theunissen

Developer for OneSheep

Updated on December 24, 2022
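
The sign-in flow from the answer above, combined with an authStateChanges listener and reporting of the PlatformException fields, as an added example that is not part of the original answer or the package's own documentation. It assumes null-safe releases of firebase_auth and firebase_auth_oauth and that Firebase.initializeApp() has already completed; kTenantId, watchAuthState and signInWithMicrosoft are hypothetical names.

```dart
import 'dart:async';

import 'package:firebase_auth/firebase_auth.dart';
import 'package:firebase_auth_oauth/firebase_auth_oauth.dart';
import 'package:flutter/foundation.dart';
import 'package:flutter/services.dart';

// Placeholder: replace with the directory (tenant) ID of your Azure AD tenant.
const String kTenantId = 'your-tenant-id';

/// Hypothetical helper: logs every auth state transition so you can confirm
/// that the OAuth flow produced a Firebase session and which provider backs it.
StreamSubscription<User?> watchAuthState() {
  return FirebaseAuth.instance.authStateChanges().listen((User? user) {
    if (user == null) {
      debugPrint('auth state: signed out');
      return;
    }
    final providers = user.providerData.map((p) => p.providerId).toList();
    debugPrint('auth state: uid=${user.uid} providers=$providers');
  });
}

/// Hypothetical helper: runs the flow from the answer and reports a failure
/// with every field the platform channel exposes. Returns null on failure.
Future<User?> signInWithMicrosoft() async {
  try {
    // Provider ID, scopes and the 'tenant' parameter are taken from the answer.
    return await FirebaseAuthOAuth().openSignInFlow(
      'microsoft.com',
      ['email openid'],
      {'tenant': kTenantId},
    );
  } on PlatformException catch (e) {
    // Log only the error fields, never access or ID tokens.
    debugPrint('sign-in failed: code=${e.code} message=${e.message} '
        'details=${e.details}');
    return null;
  }
}
```

Call watchAuthState() once at startup and cancel the returned subscription when the listener is no longer needed.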

Comments

  • Jannie Theunissen over 1 year

    For a Flutter mobile app I am trying to use a Microsoft OAuthProvider to get a Firebase credential with which to sign the user into Firebase with their Azure AD account.

    The closest I got was using a third party Active Directory auth package to log the user in and get an access token. However the sign-in to Firebase fails with an error message that suggests the idToken is invalid.

    final AadOAuth oauth = new AadOAuth(config);
    await oauth.login();
    
    // accessToken looks legit
    String accessToken = await oauth.getAccessToken();
    
    String idToken = await oauth.getIdToken();
    
    OAuthProvider provider = OAuthProvider('microsoft.com');
    
    // Also tried the constructor without the idToken
    OAuthCredential credential = provider.credential(accessToken: accessToken, idToken: idToken);
    
    // app fails here:
    await FirebaseAuth.instance.signInWithCredential(credential);
    
    // this works fine, but only on web platform:
    await FirebaseAuth.instance.signInWithPopup(provider);
    

    Because it is a platform specific error (iOS in this case), the exception details are not surfaced. All I get is:

    PlatformException(internal-error, ) nativeErrorCode: 17999

    Here are my app settings in the Azure portal:

    [screenshot]

    Full manifest here

    Has anyone been successful in using Microsoft Auth to sign a user in to Firebase in a Flutter mobile app?

  • Jannie Theunissen over 3 years
    I am building a mobile app. The implicit grant flow is only available for a web app. I tried creating a web client and ticking those two boxes and including the openid scope, but the flow still fails on exactly the same line with the same error.
  • svyat1s over 3 years
    Have you tried provider.credential with only idToken?
  • svyat1s over 3 years
    And do you use an Azure B2C directory or regular Azure?
  • Jannie Theunissen over 3 years
    I don't use B2C and constructing the credential with just the id token fails on the same step, but with a slightly different error message: error code: internal-error
  • kobowo over 3 years
    Is there a way to use the data using this library to get a Microsoft Access token so that I can access MS Graph?
  • Mateus Felipe over 3 years
    Where do I get the tenant ID?
  • imperial-lord about 3 years
    Using this I get the error here - github.com/amrfarid140/firebase_auth_oauth/issues/49. Can anyone help?