active-directory-b2c-identity-provider-azure-ad.md

File metadata and controls

42 lines (34 loc) · 2.47 KB
author ms.service ms.subservice ms.topic ms.date ms.author
msmimart
active-directory-b2c
B2C
include
04/07/2020
mimart

## Register an Azure AD app

To enable sign-in for users from a specific Azure AD organization, you need to register an application within the organizational Azure AD tenant.

  1. Sign in to the Azure portal.

  2. Make sure you're using the directory that contains your organizational Azure AD tenant (for example, contoso.com). Select the Directory + subscription filter in the top menu, and then choose the directory that contains your Azure AD tenant.

  3. Choose All services in the top-left corner of the Azure portal, and then search for and select App registrations.

  4. Select New registration.

  5. Enter a Name for your application. For example, Azure AD B2C App.

  6. Accept the default selection of Accounts in this organizational directory only for this application.

  7. For the Redirect URI, accept the value of Web, and enter the following URL in all lowercase letters, replacing your-B2C-tenant-name with the name of your Azure AD B2C tenant.

    https://your-B2C-tenant-name.b2clogin.com/your-B2C-tenant-name.onmicrosoft.com/oauth2/authresp

    For example, https://fabrikam.b2clogin.com/fabrikam.onmicrosoft.com/oauth2/authresp.

  8. Select Register. Record the Application (client) ID for use in a later step.

  9. Select Certificates & secrets, and then select New client secret.

  10. Enter a Description for the secret, select an expiration, and then select Add. Record the Value of the secret for use in a later step.

### Configuring optional claims

If you want to get the family_name and given_name claims from Azure AD, you can configure optional claims for your application in the Azure portal UI or application manifest. For more information, see How to provide optional claims to your Azure AD app.

  1. Sign in to the Azure portal. Search for and select Azure Active Directory.
  2. From the Manage section, select App registrations.
  3. Select the application you want to configure optional claims for in the list.
  4. From the Manage section, select Token configuration.
  5. Select Add optional claim.
  6. For the Token type, select ID.
  7. Select the optional claims to add: family_name and given_name.
  8. Select Add.
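The reply URL built in step 7 of the registration and the optional-claims manifest fragment described above, as an added Python example (not part of this include or of Azure AD B2C itself; the helper names and the assumption that a B2C tenant name is a plain alphanumeric label are mine):

```python
import json
import re

# Reply URL template from the registration steps; Azure AD matches the
# registered web redirect URI exactly, which is why the steps insist on lowercase.
REDIRECT_TEMPLATE = "https://{t}.b2clogin.com/{t}.onmicrosoft.com/oauth2/authresp"
# Assumption: the initial-domain label of a B2C tenant is letters and digits only.
_TENANT_RE = re.compile(r"^[a-z0-9]+$")


def b2c_redirect_uri(tenant_name: str) -> str:
    """Build the reply URL for a B2C tenant, normalising common paste mistakes.

    Lowercases the name, strips a trailing '.onmicrosoft.com', and rejects anything
    that is not a single alphanumeric label so a bad value cannot silently yield a
    URL the app registration will never match at sign-in time.
    """
    t = tenant_name.strip().lower()
    if t.endswith(".onmicrosoft.com"):
        t = t[: -len(".onmicrosoft.com")]
    if not _TENANT_RE.fullmatch(t):
        raise ValueError(f"invalid B2C tenant name: {tenant_name!r}")
    return REDIRECT_TEMPLATE.format(t=t)


def redirect_uri_matches(registered: str, tenant_name: str) -> bool:
    """Exact-match check of a registered reply URL against the expected one.

    Deliberately case-sensitive: a URL typed with capitals in the portal will not
    be accepted as equal, mirroring the 'all lowercase letters' instruction.
    """
    return registered == b2c_redirect_uri(tenant_name)


def optional_claims_manifest(*claims: str) -> dict:
    """Return the application-manifest 'optionalClaims' fragment that adds the
    given claims to the ID token (what Token configuration writes in the portal)."""
    entries = [
        {"name": c, "source": None, "essential": False, "additionalProperties": []}
        for c in claims
    ]
    return {"optionalClaims": {"idToken": entries, "accessToken": [], "saml2Token": []}}


if __name__ == "__main__":
    # Constructed sample: the fabrikam tenant used in the steps above.
    print(b2c_redirect_uri("Fabrikam"))
    print(json.dumps(optional_claims_manifest("family_name", "given_name"), indent=2))
```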