Azure AD B2C (Web App Integration)
4 min readOct 18, 2022
Azure Active Directory B2C (Azure AD B2C) is an identity management service that enables custom control of how your customers sign up, sign in, and manage their profiles when using your iOS, Android, .NET, single-page (SPA), and other applications.
Learn how to use Azure AD B2C with Web App,
Create B2C Tenant
1. First of all, open subscription2. Select your subscription3. Click on Resource Providers4. Register Microsoft.AzureActiveDirectory5. Go to your Active Directory6. Click on create a tenant7. Select Azure Active Directory (B2C)8. Enter organization name, domain name, resource group9. Click on review and create
In Azure AD B2C, Create New App Registration
1. Enter name (AppTesting)2. Select account type=Accounts in any identity provider or organizational directory (for authenticating users with user flows)3. Grant admin Consent4. Click on register5. Click on your app (AppTesting)6. Overview (Here are Application (client) ID, Directory (tenant) ID)7. Authentication (Web->Redirect URIs = https://jwt.ms, Enable Access and ID Tokens and save it)
In Azure AD B2C, Identity Providers
1. Click on any identity provider like google2. Enter Name for identity=Google3. Enter Client ID = From Google Api and Services (https://console.cloud.google.com/apis/credentials)4. Enter Client Secret = From Google Api and Services (https://console.cloud.google.com/apis/credentials)5. Click Save
In Azure AD B2C, Policies -> User flows
1. Create user flow2. Click on user flow which you want like sign up and sign in, profile editing, reset password3. Click Recommended Version4. Click on Create5. Enter unique name for user flow B2C_1_* (susi)6. Select local account and social identity providers7. Select user attributes and token claims (Data required from user on signup)8. Click on create
In Azure AD B2C, Policies -> User flows
1. Click on user flow which you created (B2C_1_susi)2. Click on Run user flow3. Select your application4. Select your reply URL5. Click on run user flow or copy the URI and paste it in browser6. Login page open and all the user attributes showing on signup and after adding data on each field click on create7. User redirect to https://jwt.ms which shows access token of user
In Azure AD B2C, Users
1. All users are listing here through our sign up user flow2. Activity -> Sign-ins (each user sign in activity report)
Open Microsoft Visual Studio
1. Create new project (Asp.net core web application)2. Enter project name3. Click on create4. Select Web Application (Model-View-Controller)5. Click on authentication change6. Select Individual User Accounts7. Select “connect to an existing user store in the cloud” from dropdown menu8. Enter Domain Name = Directory (tenant) ID (App register in AD B2C -> Overview)9. Enter Application ID = Application (client) ID (App register in AD B2C -> Overview)10. Copy Callback path and paste it in Azure AD B2C -> Select your App in app Registration -> Authentication -> Web->Redirect URIs = “https://localhost:44391/signin-oidc” and save it11. Paste your sign up and sign in user flow name in “Sign-up or Sign-in Policy” = B2C_1_susi12. Paste your reset password user flow name in “Reset password Policy” = B2C_1_reset13. Click on ok14. Click on create15. Run the project16. Sample project open in web you can sign up and sign in by clicking on Sign in button17. After successfully sign up/sign in, user can see his name in the web project18. In Azure AD B2C -> Users, All users are listing here through our sign up user flow
References:
