Share via

How to generate url for signup page in Azure AD B2C Signup and Signin flow?

Nishant Dalvi 45 Reputation points
2024-02-06T09:11:57.2533333+00:00

In our application, we're using Azure AD B2C Signup & Signin combined flow. We have a use case where we want to invite certain type of users to whom we will send an activation link. This link will have a URL to our application which checks their invitation validity and then redirects them to activation (Azure AD B2C Sign-up page). We're using app.initiate_auth_code_flow in python to initiate the Login flow, but we're not able to understand which method to use to get redirect URL for the Sign up flow.

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments
Accepted answer
  1. Konstantinos Lianos 125 Reputation points Student Ambassador
    2024-02-06T09:48:06.0533333+00:00 
    In Azure AD B2C, the redirect URL for the Sign-up flow is determined by the user flow you have configured and the authority you set when you instantiate your client application.

Here’s a brief overview of how you can get the redirect URL for the Sign-up flow:

Define your User Flow: When users try to sign in to your app, the app starts an authentication request to the authorization endpoint via a user flow1. The user flow defines and controls the user experience. After users complete the user flow, Azure AD B2C generates a token and then redirects users back to your application.

Specify the User Flow in Authority: In MSAL Python, specifying a user flow translates to providing an authority. When you instantiate the client application, you need to specify the user flow in authority as https://{tenant_name}.b2clogin.com/{tenant_name}.onmicrosoft.com/{user_flow}.

Get the Authorization Request URL: You can get a URL to the Sign-up page by creating a PublicClientApplication with the authority containing that {user_flow}, and then calling the get_authorization_request_url(...).

Here’s a sample code snippet:

Python

app = msal.PublicClientApplication(
    "your_client_id",
    authority="https://contoso.b2clogin.com/contoso.onmicrosoft.com/b2c_1_susi",
    ...)
AI-generated code. Review and use carefully.
In this example, b2c_1_susi is the name of the user flow for sign-in/sign-up.

Please replace "your_client_id" and "https://contoso.b2clogin.com/contoso.onmicrosoft.com/b2c_1_susi" with your actual client ID and authority respectively.

Remember, the authority to use is https://{tenant_name}.b2clogin.com/{tenant_name}.onmicrosoft.com/{user_flow} where:

tenant_name is the name of the Azure AD B2C tenant, such as “contoso”
user_flow is the name of the user flow to apply (for instance you might have “b2c_1_susi” for sign-in/sign-up)

Please check if the answer is correct.
    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.