Microsoft account as identity provider with Azure AD B2C

Omar ZERHOUNI 0 Reputation points
2024-08-15T17:04:19.3433333+00:00

Hello,

I am trying to add Microsoft account as an identity provider to my application, so that anyone with a personal Microsoft account can log in. To simplify the learning, I did the exact steps mentioned in the tutorials https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-register-applications and https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-user-flow.

Still, it doesn't work for Microsoft accounts. It does work for emails but not for Microsoft accounts. When I test the user flow, I get "AADB2C90273: An invalid response was received : 'Error: invalid_request,Error Description: Proof Key for Code Exchange is required for cross-origin authorization code redemption.' Correlation ID: 25c5d1b8-df10-4a52-9310-111fa518439f Timestamp: 2024-08-15 16:40:20Z"

When I added Microsoft account as an identity provider, I used the client ID of the app I created in my Azure AD B2C tenant, and the secret I generated for it.

Does anyone have a solution for that?


4 answers

  1. Fabio Andrade 1,580 Reputation points Microsoft Employee
    2024-08-15T23:15:51.7533333+00:00

    Hi @Omar ZERHOUNI

    Thanks for reaching out to Microsoft Q&A

    Based on the documentation below, you'd need to create the application object that supports "Microsoft Accounts" sign in type and configure Microsoft as an Identity Provider. The link below has all the steps you need to set this up:

    https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-microsoft-account?pivots=b2c-user-flow

    Let me know if that helps.

    Thanks,

    Fabio

  2. Omar ZERHOUNI 0 Reputation points
    2024-08-16T07:13:30.35+00:00

    Hi Fabio,

    I already did that. Still, Microsoft Account wouldn't work as an identity provider. Only email works.

  3. Omar ZERHOUNI 0 Reputation points
    2024-08-16T07:18:04.4033333+00:00

    Sorry, I have just noticed that your link talks about Entra ID and not Azure-AD-B2C. Will the workflow enable me to use the application in Azure-AD-B2C?

  4. Akhilesh 8,875 Reputation points Microsoft Vendor
    2024-08-20T16:06:45.5533333+00:00

    Hi @Omar ZERHOUNI

    Thank you for reaching out to us!

    I understand that you would like to add the Microsoft account as an identity provider with an Azure AD B2C tenant.
    You can follow the document to Add an identity provider to your Azure Active Directory B2C tenant.

    Hope this helps. Do let us know if you have any further queries in the comments section.


    If this answers your query, do click "Accept Answer" and "Yes" for "Was this answer helpful". And, if you have any further queries, do let us know.

