Setting up Entra ID sign-in for Azure B2C with custom policy, wrong openid-configuration URL

Kent Man 0 Reputation points
2024-04-18T03:45:25.3033333+00:00

Hello,

I followed the guide setting up Entra ID as a sign-in method for Azure B2C. I have successfully tested the custom policy and the correct claims are showing on jwt.ms.

However, when I use MSAL React to make a request on Azure Functions, the web application fetches the OpenID configuration at the wrong URL:

https://<B2C name>.b2clogin.com/<B2C name>.onmicrosoft.com/<tenant ID of the Entra ID>/v2.0/.well-known/openid-configuration

which returns a 404. I had successfully integrated Entra ID as an identity provider by using a user flow; the URL for the OpenID configuration should be:

https://<B2C name>.b2clogin.com/<B2C name>.onmicrosoft.com/<flow name>/v2.0/.well-known/openid-configuration

Is there something wrong with my custom policy or do I need to configure MSAL differently?

Thanks.

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

2 answers

  1. Babafemi Bulugbe 1,870 Reputation points
    2024-04-18T06:38:58.1133333+00:00

    Hello Kent Man,

    Thank you for posting this in the Microsoft Q&A Community.

    From my understanding, your React application is requesting the wrong OpenID endpoint. Since you explained that this works with the JWT application without issues, the main thing to check will be how you integrated your policies with your application.

    When setting up the authority in your application, be sure that the tenant you added is your B2C tenant and not your Entra ID tenant name.

    Follow this link to get more information about integrating your React application and Azure B2C:

    https://learn.microsoft.com/en-us/azure/active-directory-b2c/configure-authentication-sample-react-spa-app

    Let me know if further assistance is needed.

    Babafemi


  2. Akhilesh 4,775 Reputation points Microsoft Vendor
    2024-04-24T11:22:14.5133333+00:00

    Hi @Kent Man

    Thank you for reaching out to the community forum!

    Based on the information you provided, it seems that the MSAL React application is fetching the OpenID configuration from the wrong URL. Can you please check and update the configuration of the MSAL React application to use the correct OpenID configuration URL for your custom policy?

    If you have already set up Entra ID as an identity provider using a user flow, ensure that the custom policy name in the authority URL matches the name of the user flow you’ve configured in Azure B2C.

    Hope this helps. Do let us know if you have any further queries.

    Thanks,

    Akhilesh.


    If this answers your query, do click "Accept Answer" and "Yes" for "Was this answer helpful". And if you have any further queries, do let us know.
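The authority checks suggested in both answers, written out as an added example (not code from the thread or from Microsoft's sample). It flags the symptom in the question, a tenant ID where the policy name belongs, before the value reaches MSAL. The function names, `contosob2c` and the policy names are constructed placeholders, and it assumes the default `<B2C name>.b2clogin.com` domain rather than a custom domain.

```javascript
// Added example (not from the thread). Tenant, policy and client ID values
// are constructed placeholders; assumes the default *.b2clogin.com domain.
const GUID_RE = /^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/i;
// B2C_1_<name> is a user flow, B2C_1A_<name> is a custom policy.
const POLICY_RE = /^B2C_1A?_[A-Za-z0-9_.-]+$/i;

function checkB2cAuthority(authority) {
  const problems = [];
  const url = new URL(authority);
  const [tenant, policy, ...extra] = url.pathname.split("/").filter(Boolean);
  const hostLabel = url.hostname.split(".")[0];

  if (url.protocol !== "https:") problems.push("authority is not https");
  if (!url.hostname.endsWith(".b2clogin.com"))
    problems.push("host is not <B2C name>.b2clogin.com");
  // The tenant segment must be the B2C tenant, not the federated Entra ID tenant.
  if ((tenant || "").toLowerCase() !== `${hostLabel}.onmicrosoft.com`)
    problems.push("tenant segment does not match the B2C tenant in the host");
  if (!policy) problems.push("policy or user flow name is missing");
  else if (GUID_RE.test(policy))
    problems.push("policy segment is a tenant ID (GUID), not a policy name");
  else if (!POLICY_RE.test(policy))
    problems.push("policy segment is not a B2C_1_ or B2C_1A_ name");
  if (extra.length) problems.push("unexpected path after the policy name");

  const ok = problems.length === 0;
  return {
    ok,
    problems,
    // Discovery document location, in the form shown in the question.
    metadataUrl: ok
      ? `${url.origin}/${tenant}/${policy}/v2.0/.well-known/openid-configuration`
      : null,
    knownAuthorities: [url.hostname],
  };
}

// Builds the `auth` part of an MSAL.js configuration, refusing a bad authority.
function buildMsalAuth(clientId, authority) {
  const result = checkB2cAuthority(authority);
  if (!result.ok)
    throw new Error(`Bad B2C authority: ${result.problems.join("; ")}`);
  return { clientId, authority, knownAuthorities: result.knownAuthorities };
}
```

Comparing `metadataUrl` with the URL the browser actually requests in the network tab shows whether the application is using the authority you configured.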