Azure AD B2C API Connector using Azure Function also using ngrok

RT 20

Hi,

I am working with Azure AD B2C user flow for the policy SignUpSignin (MFA).

I have the XXXB2C App with the Authentication for tokens being set to

Select the tokens you would like to be issued by the authorization endpoint:

Access tokens (used for implicit flows)
ID tokens (used for implicit and hybrid flows)

I have the XXXB2C API with the Authentication for tokens being set to

Select the tokens you would like to be issued by the authorization endpoint:

Access tokens (used for implicit flows)

I am able to create the user accounts. I have created a API Connector for my Azure Function. I am using > After federating with an identity provider during sign-up.
User's image

I am using ngrok to help with triggering the Azure Function locally.

I am able to use postman to trigger the Azure Function using the token in the screenshot below.

User's image

My problem is that when I try to run the user flow SignUpSignin policy. I am able to get the token but the token is not being sent to the Azure Function and the Azure Function is not getting triggered.
User's image

1 answer

Kancharla Saiteja 5,890 Reputation points Microsoft External Staff Moderator

2025-03-24T07:35:46.7466667+00:00
Hi @RT,

Based on your query, here is my understanding: I see you would like to authenticate Function app using Azure AD B2C.

I believe the configuration was successful if you are receiving the token from Azure AD B2C, but I would like to check few more points to make sure you call the correct redirect_URI in order to invoke the function app using the access token.

Please cross check the below steps and perform the necessary actions to achieve the end goal:

While configuring an application in App registration, configure application as Web app. please make sure you add your function app complete URL (retrieve it from the overview of function app) and extend this as follows: {YOUR-FUNCTION-APP-URL}/.auth/login/aad/callback.Here kindly chooseImplicit flowfor authentication.

While adding Azure AD B2C, you need to choose Entra ID (Formerly Azure Active directory) as authentication and go to advanced settings. Here it will ask you to provide Issuer URI and Client ID. Here the Client ID should be the one you are using to retrieve the token and the Issuer URI should be the sign up and sign in URL.

Here are the additional documents:

Configure authentication in a sample single-page application by using Azure AD B2C

Create a REST API for a token issuance start event in Azure Functions

Authentication and authorization in Azure App Service and Azure Functions

If the answer is helpful, please click "Accept Answer" and kindly "upvote it". If you have extra questions about this answer, please click "Comment".
Please sign in to rate this answer.
Kancharla Saiteja 5,890 Reputation points Microsoft External Staff Moderator

2025-03-25T03:41:42.62+00:00

Hi @RT,

Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Kancharla Saiteja 5,890 Reputation points Microsoft External Staff Moderator

2025-03-26T04:20:53.18+00:00

Hi @RT,

Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Your answer