Logging in with a guest account in Azure AD B2C

Rory Braybrook
The new control plane
Dec 19, 2023
Image of guest user

This is similar to my previous post.

It uses the embedded technique in this sample.

Basically, when the user logs in, they pick the guest option, optionally enter some attributes that the application needs, and are redirected to the application without actually logging in.

Image of sign in screen showing local account and guest account buttons

The JWT that is sent to the application contains a flag to say that this is a guest user.

Image of JWT showing guestUser = true

The user has not authenticated in the sense of username / password!

Note: The MSAL library assumes that the return of a valid JWT implies that the user has logged on, so be prepared to handle this. Use at your own risk.
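One way an application can handle this, as an added example that is not from the original post or its gist: check the `guestUser` claim before treating a returned token as a signed-in user. It assumes the claims come from a token that has already been validated, that the flag arrives as a boolean or the string "true"/"false", and that a token without the flag is a normal sign-in; the route table, function names and sample claims are hypothetical.

```javascript
// Claim name taken from the JWT shown in the post.
const GUEST_CLAIM = 'guestUser';

// Hypothetical route table: which paths a guest session may reach.
const ROUTES = new Map([
  ['/catalogue', { allowGuest: true }],
  ['/orders', { allowGuest: false }],
]);

// Classify claims from an ALREADY VALIDATED token (signature, issuer,
// audience and expiry checked elsewhere).
// Assumption: the flag arrives as a JSON boolean or the string "true"/"false",
// and a token without the flag comes from a normal sign-in.
function classifySession(claims) {
  if (claims === null || typeof claims !== 'object' || Array.isArray(claims)) {
    return 'invalid';
  }
  if (!Object.prototype.hasOwnProperty.call(claims, GUEST_CLAIM)) {
    return 'authenticated';
  }
  const flag = claims[GUEST_CLAIM];
  if (flag === true || flag === 'true') return 'guest';
  if (flag === false || flag === 'false') return 'authenticated';
  return 'invalid'; // unexpected type or value: fail closed
}

// Decide access per route instead of treating "a token came back" as "signed in".
function authorize(claims, path) {
  const route = ROUTES.get(path);
  if (!route) return { allowed: false, reason: 'unknown route' };
  const kind = classifySession(claims);
  if (kind === 'invalid') return { allowed: false, reason: 'invalid guest flag' };
  if (kind === 'guest' && !route.allowGuest) {
    return { allowed: false, reason: 'sign-in required' };
  }
  return { allowed: true, reason: kind };
}

// Constructed sample claims (not real tokens).
const guestClaims = { guestUser: true, displayName: 'Visitor' };
const localClaims = { sub: '00000000-0000-0000-0000-000000000001' };

console.log(authorize(guestClaims, '/catalogue'));
console.log(authorize(guestClaims, '/orders'));
console.log(authorize(localClaims, '/orders'));
```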

As usual, the custom policy is in a gist.

All good!

NZ Microsoft Identity dude and MVP. Azure AD/B2C/ADFS/Auth0/identityserver. StackOverflow: https://bit.ly/2XU4yvJ Presentations: http://bit.ly/334ZPt5