Azure B2C custom policy for multiple IdPs using SAML 2.0

Hemanth Potluri 1 Reputation point
2022-12-01T06:22:32.877+00:00

We are trying to implement multiple identity providers using Azure B2C custom policies. How can we differentiate between each identity provider? We need one page where all users can log in and authenticate against their respective auth provider, and the custom policy should pick the right auth provider based on the domain provided by the user.


1 answer

  1. Shweta Mathur 30,101 Reputation points Microsoft Employee
    2022-12-02T06:47:04.457+00:00

    Hi @Hemanth Potluri ,

    Thanks for reaching out.

    Azure AD B2C supports implementing multiple identity providers at the same time using user flows as well as custom policies.

    Azure AD B2C presents a list of multiple identity providers the user can choose for sign-in. Once they select one of the external identity providers that support the OAuth 1.0, OAuth 2.0, OpenID Connect, and SAML protocols, they're taken (redirected) to the selected provider's website to complete the sign-in process.

    Custom policies allow you to add multiple technical profiles to configure different identity providers based on their domain and other related attributes.

    <ClaimsProvider>
      <Domain>salesforce.com</Domain>
      <DisplayName>Salesforce</DisplayName>
      <TechnicalProfiles>
        <TechnicalProfile Id="Salesforce-SAML2">
          <DisplayName>Salesforce</DisplayName>
          <Description>Login with your Salesforce account</Description>
          <Protocol Name="SAML2"/>
          <!-- remaining elements elided in the original answer -->
        </TechnicalProfile>
      </TechnicalProfiles>
    </ClaimsProvider>
    

    After adding identity providers of your choice, the page will look like the one below, which will allow your consumers to log in via any identity provider from the list.

    [Image: 266449-image.png]

    Reference: https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-identity-provider

    Hope this will help.

    Thanks,
    Shweta

    ------------------------------

    Please remember to "Accept Answer" if answer helped you.
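
Added example, not part of the original answer or of Microsoft's samples: one way an application could map the sign-in name a user types to the `<Domain>` of a configured SAML `ClaimsProvider`, as the question asks. The second provider (`contoso.com`, `Contoso-SAML2`) and the function names are hypothetical, and the policy fragment is a constructed sample.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the second provider (contoso.com / Contoso-SAML2) is hypothetical.
SAMPLE_POLICY = """
<ClaimsProviders xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
  <ClaimsProvider>
    <Domain>salesforce.com</Domain>
    <TechnicalProfiles>
      <TechnicalProfile Id="Salesforce-SAML2"><Protocol Name="SAML2"/></TechnicalProfile>
    </TechnicalProfiles>
  </ClaimsProvider>
  <ClaimsProvider>
    <Domain>contoso.com</Domain>
    <TechnicalProfiles>
      <TechnicalProfile Id="Contoso-SAML2"><Protocol Name="SAML2"/></TechnicalProfile>
    </TechnicalProfiles>
  </ClaimsProvider>
</ClaimsProviders>
"""

def _local(el):
    """Tag name without the XML namespace prefix."""
    return el.tag.rsplit("}", 1)[-1]

def _find(el, name):
    """All descendants of el (including el itself) with the given local tag name."""
    return [e for e in el.iter() if _local(e) == name]

def load_domain_map(policy_xml):
    """Map each ClaimsProvider Domain to the Ids of its SAML2 technical profiles."""
    mapping = {}
    for cp in _find(ET.fromstring(policy_xml), "ClaimsProvider"):
        domains = [d.text.strip().lower() for d in _find(cp, "Domain") if d.text]
        ids = [tp.get("Id") for tp in _find(cp, "TechnicalProfile")
               if any(p.get("Name") == "SAML2" for p in _find(tp, "Protocol"))]
        if not domains or not ids:
            continue  # e.g. providers with no Domain or no SAML2 profile
        if domains[0] in mapping:
            raise ValueError(f"duplicate Domain {domains[0]!r}: routing would be ambiguous")
        mapping[domains[0]] = ids
    return mapping

def pick_provider(email, mapping):
    """Return the configured Domain for this sign-in name, or None to show the full list."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local:
        return None
    # Exact match only: suffix or substring matching would let a look-alike
    # domain (salesforce.com.example.net) select a real provider.
    domain = domain.lower()
    return domain if domain in mapping else None
```

The returned value is the one Azure AD B2C's direct sign-in feature accepts in the `domain_hint` request parameter. The typed address only selects which provider to redirect to; the identity itself still comes from that provider's SAML response.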

