We are developing a web application using B2C.
ourcompany.com has an application called ourapplication.com.
Every user should use and log in to our application via ourapplication.com.
We followed steps to use B2C and therefore needed to create a new tenant (ourapplication name tenant),
which results in two tenants:
- ourcompany name tenant
- ourapplication name tenant
Everything was working fine, our application was accessible via https://ourapplication.azurewebsites.net and B2C login was working.
We own the custom domain "ourapplication.com".
Instead of using https://ourapplication.azurewebsites.net we wanted to link the ourapplication.com custom domain name.
We followed the steps to add a custom domain to an app service.
https://learn.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-domain?tabs=a%2Cazurecli
and we added a free certificate:
https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=apex%2Cportal#create-a-free-managed-certificate
We did this in the "ourcompany name" tenant, where we see our app service. (We don't see an app service in the tenant we needed to create for B2C.)
Now I log in to our other tenant, the "ourapplication name" tenant.
Going to "Azure Active Directory", we see there is a menu item "Custom domain names". But our custom domain "ourapplication.com" is not listed there. We only see "ourapplicationname.onmicrosoft.com".
Since we tried to add a custom domain:
- we are sometimes unable to sign in again to our application via ourapplication.azurewebsites.net (B2C login fails, I guess redirect URLs are confused with custom domain/DNS issue?)
- we are unable to log in when running our application via Visual Studio 2022 when debugging (we don't receive an access token anymore - AcquireSilentToken)
- What is the difference between "ourcompany tenant > app services > custom domain" and "ourapplication tenant > azure active directory > custom domain"? What should be used, should they both be configured to ourapplication.com? This is not clear.
Hopefully somebody could shine a light allowing us to sign in again via B2C and allowing us to use our custom domain name.
(I've seen Azure Front Door for B2C, but have not touched this, as this is I guess only to make the "login part" nicer so that it stays on the same domain. https://learn.microsoft.com/en-us/azure/active-directory-b2c/custom-domain?pivots=b2c-user-flow )
We've also seen an error when we navigate to "https://ourapplication.com": AADB2C90018 The client id '<...>' specified in the request is not registered in tenant 'ourapplication.onmicrosoft.com'.