6,190 questions
2 votes, 2 answers, 3k views
SvelteKit + Hooks and MSAL.js using Azure AD B2C results in non_browser_environment
I am new to SvelteKit and I am trying to use MSAL.js with SvelteKit, the issue is I want to implement something similar to an AuthGuard/HttpInterceptor which checks to see if the user is still logged ...
0 votes, 2 answers, 9k views
Get Job title, Department and Manager ID from Azure AD in Claims
I am using Azure AD application with Azure B2c. As per the official Microsoft document, we can get additional claims using Azure AD policy.
https://learn.microsoft.com/en-us/azure/active-directory/...
-1 votes, 0 answers, 24 views
"Please link an application to use the 'Run user flow' experience."
I seem to have added the Application to be enrolled in my custom User Flow. But I don't get prompted for the information when I sign in and I can't "Run User Flow" simulation because "...
-3 votes, 1 answer, 46 views
Azure AD B2C — How to force DateTimeDropdown to use MM/DD/YYYY format?
I am using Azure AD B2C Custom Policies and have a claim defined for DOB like this:
<ClaimType Id="extension_dob">
<DisplayName>DOB</DisplayName>
<DataType>date&...
1 vote, 1 answer, 38 views
Azure AD B2C IdP-initiated SSO : REST TP receives literal {QueryString:...} tokens instead of actual query values
We are building an IdP-initiated SSO flow using Azure AD B2C custom policies, where the journey must:
Read 3 querystring values:
enc_attrs_token, sp, and EntityId
Pass them to a backend REST API via ...
0 votes, 1 answer, 112 views
Azure AD B2C custom page: `AADB2C90047` + Chrome CORS "`unknown` address space", but Firefox works
I’m using Azure AD B2C with a custom HTML sign-in page and a SPA that uses MSAL (msal-browser).
Setup:
B2C tenant: https://<tenant>.b2clogin.com (dev)
SPA uses loginRedirect with MSAL.
Custom ...
-1 votes, 0 answers, 55 views
Why do I get a client id error when it is correct?
I am working on an Azure Microsoft Entra External ID authentication in my MAUI Blazor hybrid app. I have a user flow in my tenant to allow external users to sign in via Google. When I created it, it ...
0 votes, 1 answer, 434 views
How to allow any Entra ID user to sign in to Azure External ID (customers) without invitation or signup (similar to Azure AD B2C)?
In Azure AD B2C we had the following setup:
We configured Entra ID as an identity provider using a multi-tenant
app.
This allowed any Entra ID user (from any tenant) to log in.
After login, we had ...
0 votes, 1 answer, 89 views
The format of the URI 'Any-Text' is invalid when using dynamic URI for ContentDefinition in Azure B2C
UPDATE:
My use case is:
My client is setting up an Azure B2C Tenant that will respond to 2 different URLs:
https://www.url1.com
https://www.url2.com
They are supposed to be identical (same rules, ...
0 votes, 2 answers, 80 views
Can't authorize user in Azure AD B2C using angular-auth-oidc-client
I have an angular app (ver. 20.2, zoneless, standalone), running locally for now at https://localhost:4200. The app uses Angular Auth OIDC Client.
As per docs, I use autoLoginPartialRoutesGuard for ...
1 vote, 0 answers, 136 views
Pre-populate email and make it read only - Azure ADB2C custom policy
Scenario: the user will get an invite link, which the admin triggers. The link will navigate the user to "change password" dialog with Azure ADB2C, where the user finishes the registration ...
0 votes, 0 answers, 111 views
How to include email in Microsoft Entra External ID Google Configuration AttributesCollectionSubmit payload
I currently have an azure Entra External ID tenant working with a signupsignin user flow for local account that collects a few user attributes: name, surname, country, displayname. I then use the ...
0 votes, 1 answer, 73 views
Azure AD B2C: invalid_grant with JWE key missing when redirecting via SSO pre-login app
[ERR] Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler
Message contains error: 'invalid_grant',
error_description: 'AADB2C90090: The specified kid 'cpimcore_09252015' is not ...
0 votes, 0 answers, 59 views
Getting 404 error when adding an Azure AD B2C Quick Deploy Sample to a B2C Tenant (to give user choice of MFA method)
We currently have an Azure B2C tenant configured so that external users can log into our website. We currently use user flows for the basic scenarios (sign-in, sign-up, password reset, etc.), but in ...
0 votes, 2 answers, 312 views
Entra External ID - Pass Claims From External IdPs As Claims in Token Issued to Applications
I currently use Azure B2C custom policy and I am looking into the new Entra External ID product as a replacement. In custom policy, I am able to use the claims returned by an external OIDC IdP for ...
15 votes, 3 answers, 17k views
Azure B2C Email Validation Template Customization
I am using Azure B2C to handle user access to my App. I have an issue with the reset password workflow.
As part of the reset password process a verification email is sent to the registered email ...
4 votes, 2 answers, 2k views
How to delete claims from b2c custom policy claims claims bag (claims collection)?
I am trying to remove all the claims from the claims bag, if a certain step/condition in my custom policy is reached, however I couldn't find any information about that. Then I tried to use the ...
-1 votes, 2 answers, 181 views
For Azure AD B2C, can we enable MFA only for local logins, and leave disabled for social logins? [closed]
Our system uses User Flows, not custom policy, and is a React SPA.
We currently use local accounts for logins, with MFA enabled.
Now I have enabled a social login for Google SSO. When users login with ...
0 votes, 1 answer, 311 views
Twitter social login issue with Azure AD B2C - Forbidden
I am trying to add Twitter social login for an Azure AD B2C tenant. I followed the below instruction from Microsoft
https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-...
0 votes, 0 answers, 129 views
Encountering AADB2C90018 error when Azure B2C app registration created with Terraform
I am attempting to use Terraform to create an app registration in Azure B2C. I have previously succeeded in this task by manually using Graph API requests in Postman. This involved:
Create the ...
0 votes, 1 answer, 177 views
AADB2C90018: The client id <client-id> specified in the request is not registered in tenant <tenant>
I am trying to create an app registration for a UI app in Azure AD B2C and use it in a Sign In flow.
If the app registration is created manually using the Azure Portal, when I run the Sign In user ...
0 votes, 2 answers, 1k views
How can I validate the azp claim?
Considering the following jwt token:
I use the following code to protect my aspnet core webapi:
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
....
0 votes, 1 answer, 578 views
How to add Company name as a field on a Sign up User Flow?
Using Azure ADB2C Identity server.
How can I add a field for the "Company name" user attribute in a sign-up flow?
I see that Company name is a built-in attribute of a User in Azure ADB2C:
I ...
0 votes, 1 answer, 64 views
Azure AD B2C Custom Policy: extension_inviteToken Not Passed to REST API Despite Correct Mapping
I am experiencing an issue with my Azure AD B2C custom policy where the extension_inviteToken claim, although present in the /authorize URL and audit logs, is not being passed to my REST API technical ...
0 votes, 2 answers, 284 views
Assign B2C User to ExternalAzureAD identity
Is it possible in Azure AD B2C that I can assign a special identity (e.g. ExternalAzureAD) to a user when a user logs in? Currently all users are stored with their email as identity.
0 votes, 2 answers, 438 views
Using different layout for unauthenticated users in Blazor WASM
I created a new Blazor WASM app targeting .NET 8 -- 8.0.8 to be more specific. The app uses Azure AD B2C for user management and I want to use a different layout for pages designed for public/...
1 vote, 1 answer, 135 views
SSO Issue with Azure AD B2C Using Microsoft Accounts Across Subdomains
I'm setting up SSO behaviors across multiple modules of a web platform using Azure AD B2C Custom Policies as the identity layer. The modules are React apps served from different subdomains under a ...
0 votes, 0 answers, 72 views
How to update custom claims to user properties in from B2C application
In AD B2C application, during the signup flow. The user has to select the "user content, " a check box (that is a boolean value). I have created a custom claim for that. This custom claim ...
1 vote, 1 answer, 204 views
Is it possible to restrict Http Method on B2C login endpoints?
A client I've been working for recently conducted a pentest and the testers flagged up that their Azure B2C custom policy endpoints are vulnerable due to the fact they allow GET as well as POST. ...
0 votes, 1 answer, 153 views
Azure multi tenant SaaS application - which Entra service to use? [closed]
I am starting some cloud work on an SaaS application which will be hosted in our Azure tenant. We offer this SaaS application to different businesses, and we want to create custom roles for each ...
0 votes, 1 answer, 284 views
How to add relay state parameter in SAML SSO in Azure AD B2C
I need to preserve the user's state in the application (where B2C is IDP and AEM is SP). That is, if the user bookmarks a page or needs to maintain the page's state, they should be able to do so. Upon ...
4 votes, 3 answers, 2k views
ASP.NET Core Auth not staying signed in after browser closes (Azure AD B2C)
I've successfully set up authentication with Azure AD B2C in my ASP.NET Core Blazor application. I can open the website (https://localhost:5001) in multiple tabs without signing in again. However, if I ...
1 vote, 1 answer, 53 views
Unable to Modify Azure AD B2C Components Using Local Account
I created a local (email + password) account in my Azure AD B2C tenant, which successfully signs into my web application via user flows. However, this account cannot access or modify B2C components ...
2 votes, 1 answer, 941 views
Connection Issues when using AcquireTokenAsync() in Xamarin Forms Windows App with Azure AD B2C and custom policy
I am using MSAL to connect my Xamarin.Forms-Windows 8.1-App to Azure AD B2C with a custom SignInSignUp-policy (to login the user by using a custom E-Mail address and a password). The "normal" ...
0 votes, 0 answers, 66 views
Azure AD B2C Custom Policy: "objectId" Claim Missing After TOTP Step / UI in 2.1.35
I have issues with our Azure AD B2C custom policy for contact sign-up, specifically with the TOTP (authenticator app) step and the handling of the objectId claim.
With version 2.1.35:
The form ...
2 votes, 2 answers, 668 views
Azure AD B2C vs Microsoft Entra External ID
I would like to know, difference between "Azure AD B2C" vs "Microsoft Entra External ID". Which one is better and when to use what? What is the benefit of one upon another. A ...
0 votes, 1 answer, 63 views
QR code URI is correct but QR code not displaying on Azure AD B2C Custom Policy form [closed]
Implementing TOTP MFA in Azure AD B2C custom policy.
The QR code URI (qrCodeContent) is being generated correctly and matches the expected format (e.g., otpauth://totp/Test:[email protected]?secret=...&...
0 votes, 0 answers, 133 views
Single sign out implementation using SAML in Azure AD B2C
I have a B2C custom policy application using SAML, where Azure AD B2C is the SAML IDP and the Adobe(AEM) application is the SAML SP. I'm trying to implement single sign-out, but I'm not getting the ...
0 votes, 2 answers, 85 views
QR Code Not Displaying in Custom Policy TOTP Setup – qrCodeContent Value Incorrectly Formatted
Description:
Having issues with implementing TOTP MFA in an Azure AD B2C custom policy and are encountering a critical issue: the QR code does not render on the EnableOTPAuthentication page, and the ...
1 vote, 2 answers, 1k views
Azure AD B2C tenant deletion fails [closed]
I can't delete my B2C directory.
I've followed the instructions at How do I delete my Azure AD B2C tenant?
fails, even though all Resource Status's are green.
I've purged all applications, signed ...
1 vote, 1 answer, 68 views
PowerShell Graph SDK to retrieve Azure AD / Entra B2C Resource Group Name
I need to modify the code below to find the name of the Resource Group where the specific Azure AD / Entra ID B2C tenant object is located by going through all of my Azure Subscriptions.
The input is ...
0 votes, 0 answers, 96 views
B2C Custom Policy for UserInfo: claim with `PartnerClaimType` returns both claims in response
I am using B2C Custom Policies to implement the UserInfo endpoint. I followed instructions in this article to add the UserInfo endpoint, TechnicalProfile, and UserJourney. I also added a RESTful ...
1 vote, 1 answer, 71 views
Schema Validation Errors with <ClaimsTransformations> in Azure AD B2C Custom Policy
I am experiencing persistent schema validation errors when uploading my Azure AD B2C custom policy, specifically related to the <ClaimsTransformations> section. The error message is not always ...
0 votes, 1 answer, 80 views
Azure B2C custom extension policy Error is not reflecting the correct error message
I have tried everything to resolve this error message when typing to upload this custom extension policy. The error message is not reflecting what is really happening. All of the claims have a ...
0 votes, 0 answers, 31 views
Azure AD B2C implementation in blazor web app server based with refresh token via "offline_access" scope
I am trying the sample code from https://github.com/dotnet/blazor-samples/tree/main/8.0/BlazorWebAppOidcServer.
The Home and Count components work fine but the Login results in :
This site can’t ...
0 votes, 1 answer, 643 views
Microsoft Graph API ADB2C signInActivity update lag
We're trying to get the last sign-in time of some users of our ADB2C application. We've got the Microsoft Graph API query set up, and working - when we request https://graph.microsoft.com/v1.0/users?$...
2 votes, 1 answer, 1k views
'X-Frame-Options: DENY' Error During SSO Authentication in an iFrame
Currently, we're in the process of integrating Single Sign-On (SSO) functionality into our React/Typescript based iframe web application, which operates within an iframe.
For user authentication, we'...
2 votes, 4 answers, 2k views
Azure - How to update the password profile of a user in Azure AD B2C using the Microsoft Graph API?
I am trying to change the password of a user in Azure AD B2C using the update endpoint provided by the Microsoft Graph API.
I followed this Microsoft documentation when I implemented this -
https://...
0 votes, 1 answer, 115 views
Azure AD B2C Custom Policy Adds Duplicate p= Parameter or Results in p=null Error
Description:
We are implementing a custom policy (B2C_1A_CONTACTSIGNUP) for contact users in Azure AD B2C. Our application supports two separate authentication schemes: one for main account users (...
-1 votes, 2 answers, 189 views
How to set up ONLY Email Verification in Azure B2C Custom flow - Identity Experience Framework
I'm trying to implement a simple pure Email verification policy, in which the claim should return just the verified email address post-verification. When I run the flow, it just opens the b2clogin ...