Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,743 questions
How to verify publisher for Azure AD B2C app
Saxon Druce
0
Reputation points
I have an AD B2C app on a separate directory / tenant from my corporate tenant, which I am using in a custom policy to enable external users to sign in.
However, when signing in the user is prompted that the app is unverified:
How do I verify the application's publisher?
I have posted a question to stack overflow here with more details on how my app is configured: https://stackoverflow.com/questions/76303452/how-to-verify-publisher-for-azure-ad-b2c-app
When trying to verify the publisher, I get the following error:
{
"error": {
"code": "MPNAccountNotFoundOrNoAccess",
"message": "The MPN ID you provided (1234567) does not exist, or you do not have access to it. Please provide a valid MPN ID and try again.",
"innerError": {
"date": "2023-05-22T05:40:35",
"request-id": "539cdf4d-a6cf-415b-a7ea-6fe020332043",
"client-request-id": "de0016fc-bc14-4780-8391-da6d4d937bf9"
}
}
}
The suggested remediation for this error at https://learn.microsoft.com/en-us/azure/active-directory/develop/troubleshoot-publisher-verification#mpnaccountnotfoundornoaccess says to ensure that the tenant the app is registered in is associated with the MPN account, but this does not seem to be possible.
What steps am I missing here, to be able to verify the app publisher?
Thanks!
{count} votes
-
Mohammed Altamash Khan 1,656 Reputation points
2023-05-23T10:08:03.6433333+00:00 You need to register the app in Enterprise Application.
Prefer Global Admin privilege for implementation.
--please don't forget to
Accept as answerif the reply is helpful-- -
Saxon Druce 0 Reputation points
2023-05-24T00:31:03.2433333+00:00 @Mohammed Altamash Khan Hi Mohammed, I think to be used for AD B2C as an external identity provider, the app needs to be registered under Azure AD B2C -> App Registrations and not in Enterprise Applications, is that correct?
Thanks.
-
Mohammed Altamash Khan 1,656 Reputation points
2023-05-24T05:43:50.04+00:00 Yes correct , Can you share Screenshot of "Company Branding " Tab .
Im sharing some useful article here for same issue . Kindly check and let me know if this is useful.
Article 1 : https://learn.microsoft.com/en-us/azure/active-directory/develop/mark-app-as-publisher-verified
Article 2 : https://learn.microsoft.com/en-us/answers/questions/450801/app-registrations-is-still-showing-unverified-but
-
Saxon Druce 0 Reputation points
2023-05-24T06:06:39.3233333+00:00 Hi Mohammed,
Here's a screenshot of the Branding page. The app's publisher domain is set to our domain.
At https://learn.microsoft.com/en-us/azure/active-directory/develop/mark-app-as-publisher-verified under 'Mark your app as publisher verified', step 6 to 'Add MPN ID to verify publisher' isn't possible, as this isn't supported within the UI for AD B2C apps.
As described at https://learn.microsoft.com/en-us/answers/questions/1053983/unable-to-verify-publisher-or-upload-logo-for-ad-b for AD B2C apps, the MPN ID needs to be set using the graph explorer. However this is the step which is failing.
That answer also says to associate the AD B2C tenant with the MPN account, but that doesn't seem to be possible, there is no option to select the B2C tenant to associate:
Thanks.
Sign in to comment