Reading user IP address with API Connector in User Flows in Azure Active Directory B2C

Question

I have an Azure Active Directory B2C, i use built-in SignUpSignIn user flow, which has two API connectors defined, one for signup and one for signin.

I followed this tutorial for API connectors, and everything works as expected. https://docs.microsoft.com/en-us/azure/active-directory-b2c/api-connectors-overview?pivots=b2c-user-flow

My API connectors are Azure Functions.

I am trying to read the user IP address that user is trying to sign in or sign up.

I use this code to obtain the IP address

    private static string GetIpFromRequestHeaders(HttpRequest request)
    {
        return (request.Headers["X-Forwarded-For"].FirstOrDefault() ?? "").Split(new char[] { ':' }).FirstOrDefault();
    }

but i guess i get the Azure AD B2C IP address here, not the user client IP address.

Is there a way to read user IP address that user is trying to sign in or sign up in that API connector ?

Answer 1

Use AAD B2C claim resolvers to resolve the users IP as a claim, then send it to your api.

Only works with custom policies.

{Context:IPAddress} https://docs.microsoft.com/en-us/azure/active-directory-b2c/claim-resolver-overview#context