![Quality Gate Status](https://sonarcloud.io/summary/new_code?id=ZonalDevOps_Zonal.Web.BFF)

Zonal Web BFF

This BFF will serve requests coming in from ZonalConnect web app. The app will have already authenticated the logged in user with B2C and have a JWT containing minimal user info. The BFF will validate the JWT with B2C and then perform Claims Transformation to determine the users permissions to the API

Build requirements

.NET 8 SDK

Documentation

- FSA High-level architecture

$3

To obtain a bearer token:

``



GET https://authdev.zonalconnect.com/adba6d8b-4034-4088-ac6d-ba4f85a672c6/B2C_1A_HOMEREALMSIGNINSIGNUP/oauth2/v2.0/authorize?

client_id=b35ba067-681b-4d72-9dff-ea4110289836

&response_type=code+id_token

&redirect_uri=https%3A%2f%2fjwt.ms%2f

&response_mode=fragment

&scope=openid

&state=arbitrary_data_you_can_receive_in_the_response

&nonce=anyValue

&code_challenge=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl





This should redirect to the following url:



https://jwt.ms/#

state=arbitrary_data_you_can_receive_in_the_response

&code={authorization_code}

&id_token={id_token}





Obtain the authorization_code from the redirect url. Then:



POST https://authdev.zonalconnect.com/zonalconnectb2cdev.onmicrosoft.com/B2C_1A_HOMEREALMSIGNINSIGNUP/oauth2/v2.0/token

Content-Type: application/x-www-form-urlencoded



grant_type=authorization_code

&client_id=b35ba067-681b-4d72-9dff-ea4110289836

&scope=https://zonalconnectb2cdev.onmicrosoft.com/web-bff/API.Read https://zonalconnectb2cdev.onmicrosoft.com/web-bff/API.Write

&code_verifier=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl

&code={authorization_code}





Obtain the access token from the response. To use the refresh token to get a new access token, do:



POST https://authdev.zonalconnect.com/zonalconnectb2cdev.onmicrosoft.com/B2C_1A_HOMEREALMSIGNINSIGNUP/oauth2/v2.0/token

Content-Type: application/x-www-form-urlencoded



grant_type=refresh_token

&client_id=b35ba067-681b-4d72-9dff-ea4110289836

&scope=https://zonalconnectb2cdev.onmicrosoft.com/web-bff/API.Read https://zonalconnectb2cdev.onmicrosoft.com/web-bff/API.Write

&code_verifier=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl

&refresh_token={refresh_token}

Documentation

FSA High-level architecture

GET https://authdev.zonalconnect.com/adba6d8b-4034-4088-ac6d-ba4f85a672c6/B2C_1A_HOMEREALMSIGNINSIGNUP/oauth2/v2.0/authorize?
client_id=b35ba067-681b-4d72-9dff-ea4110289836
&response_type=code+id_token
&redirect_uri=https%3A%2f%2fjwt.ms%2f
&response_mode=fragment
&scope=openid
&state=arbitrary_data_you_can_receive_in_the_response
&nonce=anyValue
&code_challenge=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl

This should redirect to the following url:

https://jwt.ms/#
state=arbitrary_data_you_can_receive_in_the_response
&code={authorization_code}
&id_token={id_token}

Obtain the authorization_code from the redirect url. Then:

POST https://authdev.zonalconnect.com/zonalconnectb2cdev.onmicrosoft.com/B2C_1A_HOMEREALMSIGNINSIGNUP/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code
&client_id=b35ba067-681b-4d72-9dff-ea4110289836
&scope=https://zonalconnectb2cdev.onmicrosoft.com/web-bff/API.Read https://zonalconnectb2cdev.onmicrosoft.com/web-bff/API.Write
&code_verifier=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl
&code={authorization_code}

Obtain the access token from the response. To use the refresh token to get a new access token, do:

POST https://authdev.zonalconnect.com/zonalconnectb2cdev.onmicrosoft.com/B2C_1A_HOMEREALMSIGNINSIGNUP/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded

grant_type=refresh_token
&client_id=b35ba067-681b-4d72-9dff-ea4110289836
&scope=https://zonalconnectb2cdev.onmicrosoft.com/web-bff/API.Read https://zonalconnectb2cdev.onmicrosoft.com/web-bff/API.Write
&code_verifier=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl
&refresh_token={refresh_token}

zonal.web.bff

Zonal Web BFF

Build requirements

Documentation

$3

zonal.web.bff

Zonal Web BFF

Build requirements

Documentation

$3