Signing client's userbase into Azure App Service using client's Outlook OpenID Connect.

Sean Han 25 Reputation points
2024-09-13T09:00:20.3333333+00:00

Hello,

I am having difficulty setting up sign-ins through my client's Outlook to my app.

I want to make sure I am understanding the process correctly.

Process:

  1. App Registration - Redirect URI: myapp.azurewebsites.net
  2. Identity Provider Connect - Using OpenID Metadata, App Client Id and Secret from (1)
  3. App Registration - Redirect URI: https://<YOUR_SITE>/.auth/login/aadb2c/callback
  4. Authentication on Web App - Metadata URL: https://<TENANT_NAME>.b2clogin.com/<TENANT_NAME>.onmicrosoft.com/<POLICY_NAME>/v2.0/.well-known/openid-configuration
    Client ID and Secret from (3)

The docs seem to be somewhat dispersed, and this is what I could gather.

https://learn.microsoft.com/en-us/azure/active-directory-b2c/configure-authentication-in-azure-web-app

https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-generic-openid-connect?pivots=b2c-user-flow

https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-register-applications

However, doing this has been unsuccessful, with errors such as (https://learn.microsoft.com/en-us/troubleshoot/azure/entra/entra-id/app-integration/error-code-AADSTS50011-redirect-uri-mismatch) and "A claim with id "UserId" was not found, which is required by ClaimsTransformation 'CreateAlternativeSecurityId' in policy 'B2C_1_signin' of tenant."

I would appreciate it if you could confirm my understanding of the process, and also if you could offer some help on these errors.

Thanks, Richard

Azure App Service