Mocking Azure AD B2C REST API calls

Rory Braybrook
The new control plane
Mar 9, 2022

There are a number of mocks out there but I’m currently using Beeceptor.

You can register and get a free account in minutes. Then you specify your root API URL.

In my case, it’s:

b2cxxx.free.beeceptor.com

Now I want to mock a “Get customer details” call from B2C. I’ll pass in an ID and get back some details.

Mocking response of { "firstName": "Joe", "familyName": "Bloggs", "emailAddress": "joe@company.com" }

So the URL is:

b2cxxx.free.beeceptor.com/get-customer-details

As usual, the custom policy is in a gist.

The REST API call looks like:

<TechnicalProfile Id="REST-TestAPI">
  <DisplayName>TestAPI</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
  <Metadata>
    <!-- The mocked endpoint that B2C calls -->
    <Item Key="ServiceUrl">https://b2cxxx.free.beeceptor.com/get-customer-details</Item>
    <!-- Input claims are sent as a JSON request body -->
    <Item Key="SendClaimsIn">Body</Item>
    <!-- The mock is called without credentials -->
    <Item Key="AuthenticationType">None</Item>
    <Item Key="AllowInsecureAuthInProduction">false</Item>
  </Metadata>
  <InputClaims>
    <!-- Always sends the fixed test ID 123456 -->
    <InputClaim ClaimTypeReferenceId="id" DefaultValue="123456" AlwaysUseDefaultValue="true"/>
  </InputClaims>
  <OutputClaims>
    <!-- PartnerClaimType is the JSON property name in the API response -->
    <OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="firstName"/>
    <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="familyName"/>
    <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="emailAddress"/>
  </OutputClaims>
  <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop"/>
</TechnicalProfile>

When I run the policy, I see:

Screen showing “Get Customer Details” button

Don’t worry about the sign in name. I just need a self-asserted technical profile to display error messages etc.

Click “Get Customer Details”. This calls the API.

Beeceptor shows:

Request = {"id":"123456"} Response = { "firstName": "Joe", "familyName": "Bloggs", "emailAddress": "joe@company.com" }

The custom policy then shows:

Screen showing radio button for “Show error message”. Options are “Yes” and “No”

If we want to see the JWT, click “No”.

We then see the details returned from the API in the JWT.

Detail from JWT: "nonce": "defaultNonce", "iat": 1646778311, "auth_time": 1646778311, "given_name": "Joe", "family_name": "Bloggs", "email": "joe@company.com"

There is a specific format for B2C error messages.

The URL is:

b2cxxx.free.beeceptor.com/error

The REST API call looks like:

<TechnicalProfile Id="REST-TestAPI-Error">
  <DisplayName>TestAPI-Error</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
  <Metadata>
    <!-- The mocked endpoint that returns the error response -->
    <Item Key="ServiceUrl">https://b2cxxx.free.beeceptor.com/error</Item>
    <Item Key="SendClaimsIn">Body</Item>
    <!-- The mock is called without credentials -->
    <Item Key="AuthenticationType">None</Item>
    <Item Key="AllowInsecureAuthInProduction">false</Item>
  </Metadata>
  <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop"/>
</TechnicalProfile>

We mock the response:

Mock the error response: { "version": "1.0.0", "status": 409, "code": "API12345", "requestId": "50f0bd91-2ff4-4b8f-828f-00f170519ddb", "userMessage": "Message for the user", "developerMessage": "Verbose description of problem and how to fix it.", "moreInfo": "https://restapi/error/API12345/moreinfo" }

Notice that it returns an HTTP status of 409.

If we click “Yes” for the radio button, it shows a new screen:

Screen showing “Get Error” button

When we click “Get Error”, we see:

Screen showing error message: “Message for the user”

and it will continue to display the error every time the button is clicked.

Beeceptor shows:

Image showing error response: { "version": "1.0.0", "status": 409, "code": "API12345", "requestId": "50f0bd91-2ff4-4b8f-828f-00f170519ddb", "userMessage": "Message for the user", "developerMessage": "Verbose description of problem and how to fix it.", "moreInfo": "https://restapi/error/API12345/moreinfo" }
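A local stand-in for the two mocked routes above, as an added example that is not part of the original post or of Beeceptor: it serves the same customer JSON and the same 409 error body, so the request/response contract can be checked offline. The port, the `mock_response` helper and the "Missing id" check are assumptions added for illustration; the mock in the article returns its fixed response regardless of input.

```python
import json
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample data, copied from the mocked responses shown in the article.
CUSTOMER = {"firstName": "Joe", "familyName": "Bloggs", "emailAddress": "joe@company.com"}
ERROR = {
    "version": "1.0.0",
    "status": 409,
    "code": "API12345",
    "requestId": "50f0bd91-2ff4-4b8f-828f-00f170519ddb",
    "userMessage": "Message for the user",
    "developerMessage": "Verbose description of problem and how to fix it.",
    "moreInfo": "https://restapi/error/API12345/moreinfo",
}


def mock_response(path, raw_body):
    """Return (http_status, payload) for a POST to one of the two mocked routes."""
    if path == "/error":
        return 409, ERROR
    if path == "/get-customer-details":
        try:
            claims = json.loads(raw_body or b"{}")
        except ValueError:  # malformed JSON or undecodable bytes
            claims = None
        # The policy sends {"id": "..."} in the body (SendClaimsIn = Body).
        # Assumption: reject a missing id using the same error shape.
        if not isinstance(claims, dict) or not claims.get("id"):
            return 409, dict(ERROR, userMessage="Missing id",
                             developerMessage="Body must be JSON with an 'id' claim.")
        return 200, CUSTOMER
    return 404, {"error": "no such mock route"}


class MockHandler(BaseHTTPRequestHandler):
    def do_POST(self):
        length = int(self.headers.get("Content-Length") or 0)
        status, payload = mock_response(self.path, self.rfile.read(length))
        data = json.dumps(payload).encode("utf-8")
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


if __name__ == "__main__":
    # Loopback only (assumed port); B2C can only call an endpoint it can reach.
    HTTPServer(("127.0.0.1", 8080), MockHandler).serve_forever()
```

Because the profiles use `AuthenticationType` `None`, anything that can reach the endpoint can call it, so keep the payloads to test data like the values above.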

I find this really useful for playing around with the B2C JSON claims transformations etc.

Note that Beeceptor does have paid accounts that allow you to set up authentication, template the responses etc.

All good!

Rory Braybrook
The new control plane

NZ Microsoft Identity dude and MVP. Azure AD/B2C/ADFS/Auth0/identityserver. StackOverflow: https://bit.ly/2XU4yvJ Presentations: http://bit.ly/334ZPt5