Share via

Direct link to sign-up form from web app with Entra External ID

Johan Gustafsson 95 Reputation points
2024-12-19T14:33:00.0733333+00:00

Hi!

Using Entra External ID, how can I provide the user with a link that redirects directly to the sign-up form from my web app without first going through the sign-in view and clicking the small "No account Create one"-link? It would significantly improve our user experience by providing both a sign-in and a sign-up button in our app.

Could the user flow URL be appended with a flag or similar?

Thanks!

Johan

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
0 comments
Answer accepted by question author
  1. Gudivada Adi Navya Sri 21,090 Reputation points Moderator
    2024-12-20T19:49:21.1066667+00:00

    Hi @Johan Gustafsson

    Thank you for posting this in Microsoft Q&A.

    I understand that you are looking for a way to provide a direct link to the sign-up form in Entra External ID without first going through the sign-in view and clicking the "No account? Create one" link.

    Unfortunately, there is no direct link to the sign-up form from a web app with Entra External ID. The URL endpoint for your user flow to redirect users directly to the sign-in view with the prompt=login parameter. This parameter forces the user to enter their credentials on that request, so there is no direct option to land on the sign-up page.

    Here's an example of what the URL endpoint might look like:

    https://<tenant>.ciamlogin.com/<tenant>.onmicrosoft.com/oauth2/v2.0/authorize?client_id=af18cd68-e598-484e-a706-1234567&nonce=ClyDjki&redirect_uri=https://jwt.ms&scope=openid&response_type=id_token&prompt=login

    I hope this helps! Let me know if you have any other questions.

    Thanks,

    Navya

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Barry Wright 5 Reputation points
    2026-02-11T10:37:58.3133333+00:00

    Contrary to some earlier information, directing a user straight to the sign-up page is supported in Microsoft Entra External ID (CIAM).

    From my research while one Entra ID type (Workforce) tenant might not support this, At least one Entra External ID setup doe. There is an OpenID Connect prompt=create parameter specifically for this purpose and i confirmed myself it does work on our external Entra ID setup.

    The Solution: To trigger the sign-up experience directly, append the query parameter prompt=create to your authorization request.

    1. Example Authorization URL: https://<your-tenant>.ciamlogin.com/<tenant-id>/oauth2/v2.0/authorize?client_id=<client-id>&response_type=code&scope=openid&prompt=create

    2. Implementation via MSAL.js: If you are using the Microsoft Authentication Library (MSAL), you can implement this in your login request object:

    const signUpRequest = {
    scopes: ["openid", "profile"],
    prompt: "create" 
};

// This will skip the sign-in screen and land the user on the account creation form
msalInstance.loginRedirect(signUpRequest);

    Official Documentation: This is documented in the MSAL API references. For instance, in the MSAL .NET documentation, the Prompt.Create field is explicitly defined:

    "AcquireToken will send prompt=create to the authorization server's authorize endpoint which would trigger a sign-up experience, used for External Identities." Microsoft Learn: Prompt.Create Field

    Note: Ensure your User Flow is configured as a "Sign up and sign in" flow for this parameter to be honored correctly.

    1 person found this answer helpful.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.