UserInfo Endpoint Url for salesforce from AD B2C tenant

ReCloudS 40 Reputation points


I have a question regarding the integration of salesforce as Service Provider and AD B2C app as IdP to make the Single Sign-on possible because we got a requirement where application is being moved from .NET to salesforce and I have implemented sso and auto-registration for other carriers to our application by using AD B2C and by configuring userflows but in the case of salesforce they provided an documentation where we need to provide the UserInfo Endpoint URL where I am unable to find any in the AD B2C tenant and followed few documents to work on that but still unable to upload the .xml file which they provided to use an custom policy but unable to upload the file and getting the below error , Can some can help me with this by elabariting step by step as am new to configure the custom policy

UserInfo Endpoint URL followed:

Salesforce Documentation URL :

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,321 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,457 questions
0 comments No comments
{count} votes

Accepted answer
  1. Akshay-MSFT 17,641 Reputation points Microsoft Employee


    Thank you for posting your query on Microsoft Q&A, from above description I could understand that you are trying to configure Azure AD B2C as an IDP in your salesforce platform, but unable to find the user info endpoint.

    Please do correct me if this is not the case by responding in the comments section.

    I would try to help you in elaborating the doc to best possibilities from Microsoft Counterpart:

    User's image

    • Copy the following information from above registered application:

    Consumer Key: Application (client) ID as seen in the Azure AD B2C App Registration detail page
    Consumer Secret: Client secret as configured on the Azure AD B2C app registration. (Could be self-created).

    You may find Endpoints by hitting "Endpoints" in "App Registration" blade like in above screenshot

    Authorize Endpoint URL:<policy-name>/oauth2/v2.0/authorize
    Token Endpoint URL:<policy-name>/oauth2/v2.0/token
    Token Issuer:<Directory (tenant) ID>/v2.0/
    Default Scopes: Application (client) ID as seen in the App registration detail page openid offline_access

    • Create your custom policy as per Setting up a sign-up and sign-in flow for a local account:
    • For Signup Signin XML along with user info endpoint kindly use the sample and make edits as per Salesforce doc in the sample
    • Now upload custom policy in the following order as incorrect order would lead you to an error while uploading the file.

    User's image

    • Validate if you are able to setup a local account in B2C tenant using the signPolicy URL

    User's image

    The <policy-name> parameter here has to be replaced by your signup-signin policy name.


    Akshay Kaushik

    Please "Accept the answer (opting Yes under "Helpful")" and "share your feedback ". This will help us and others in the community as well.

    0 comments No comments

0 additional answers

Sort by: Most helpful