UserInfo Endpoint Url for salesforce from AD B2C tenant

Question

Hello,

I have a question regarding the integration of salesforce as Service Provider and AD B2C app as IdP to make the Single Sign-on possible because we got a requirement where application is being moved from .NET to salesforce and I have implemented sso and auto-registration for other carriers to our application by using AD B2C and by configuring userflows but in the case of salesforce they provided an documentation where we need to provide the UserInfo Endpoint URL where I am unable to find any in the AD B2C tenant and followed few documents to work on that but still unable to upload the .xml file which they provided to use an custom policy but unable to upload the file and getting the below error , Can some can help me with this by elabariting step by step as am new to configure the custom policy

UserInfo Endpoint URL followed: https://learn.microsoft.com/en-us/azure/active-directory-b2c/userinfo-endpoint?pivots=b2c-custom-policy&WT.mc_id=AZ-MVP-5003445

Salesforce Documentation URL : https://help.salesforce.com/s/articleView?id=000393769&type=1

Answer 1

@ReCloudS

Thank you for posting your query on Microsoft Q&A, from above description I could understand that you are trying to configure Azure AD B2C as an IDP in your salesforce platform, but unable to find the user info endpoint.

Please do correct me if this is not the case by responding in the comments section.

I would try to help you in elaborating the doc to best possibilities from Microsoft Counterpart:

• On Your B2C tenant register an application for Salesforce.

• Copy the following information from above registered application:

Consumer Key: Application (client) ID as seen in the Azure AD B2C App Registration detail page
Consumer Secret: Client secret as configured on the Azure AD B2C app registration. (Could be self-created).

You may find Endpoints by hitting "Endpoints" in "App Registration" blade like in above screenshot

Authorize Endpoint URL: https://yourtenant.b2clogin.com/yourtenant.onmicrosoft.com/<policy-name>/oauth2/v2.0/authorize
Token Endpoint URL: https://yourtenant.b2clogin.com/yourtenant.onmicrosoft.com/<policy-name>/oauth2/v2.0/token
Token Issuer: https://yourtenant.b2clogin.com/<Directory (tenant) ID>/v2.0/
Default Scopes: Application (client) ID as seen in the App registration detail page openid offline_access

• Create your custom policy as per Setting up a sign-up and sign-in flow for a local account:
• For Signup Signin XML along with user info endpoint kindly use the sample and make edits as per Salesforce doc in the sample
• Now upload custom policy in the following order as incorrect order would lead you to an error while uploading the file.

• Validate if you are able to setup a local account in B2C tenant using the signPolicy URL

The <policy-name> parameter here has to be replaced by your signup-signin policy name.

• Create an Azure Auth. Provider in Salesforce similar to what is created for Entra ID/Azure AD.

Thanks,

Akshay Kaushik

Please "Accept the answer (opting Yes under "Helpful")" and "share your feedback ". This will help us and others in the community as well.