How to integrate AD B2C into Django Rest Framework

Kevin Vanthuyne 0 Reputation points
2024-12-19T17:03:32.34+00:00

I have been thoroughly reading documentation and code examples on AD B2C, MSAL and other related topics, but I'm having a hard time figuring out how I can integrate AD B2C into the authentication and authorization for my Django Rest Framework backend.

We have a separate Angular SPA that calls the DRF API. The API should check if the request is authenticated and authorized to access it. Quite a common use case. However, the documentation examples and topics on Python only show how to integrate Flask or Django on their own, without an SPA, because Flask and regular Django use server-side rendering of templates.

So how can I make my backend API verify the access token that would come from the frontend with Azure AD B2C? Should I use the MSAL library for this, or should I use an OAuth library that's well integrated into DRF like django-oauth-toolkit? The documentation is very unclear in my opinion.

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,968 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.