Conditional Access Not Triggering in Azure AD B2C

Ray Garg 10 Reputation points
2025-06-06T02:20:23.8666667+00:00

Hi,

I’ve successfully implemented all my main Azure AD B2C flows for user migration — including custom password reset, MFA with authenticator app (via TOTP), user migration with just-in-time logic, and sign-in / sign-up orchestration. Most core flows are working well.

However, I’ve run into issues with Conditional Access (CA) not triggering as expected.

What I’ve Done So Far

  • I have incorporated Microsoft’s Azure AD B2C Conditional Access GitHub repo exactly as described.
  • I understood the README thoroughly and copied all the code (technical profiles, claim types, claims transformations, etc.) from TrustFrameworkExtensions_ConditionalAccess.xml into my TrustFrameworkExtensions.xml (the one for user migration).
  • I tested this in my flow by launching sign-in from Tor browser to simulate a risky login scenario — expecting to be blocked or prompted for MFA — but the sign-in proceeded normally without blocking the sign in.
  • NOTE: The way my current logic is set up, I believe MFA will always be prompted to the user on sign-in. I'm a bit uncertain on how to integrate the conditional access signals to make sure it only gets enforced on risk signals. Setting up Conditional Access for user flows directly through the Azure portal is seamless. However, when it comes to integrating this in custom policies, I'm unaware of the approach to do so, and all guidance would go a long way here. If it's possible to explain how the ConditionalAccessProtocolProvider is working in the custom policy (the Azure-provided one), this would go a long way. Also, any explanations of how the logic is working, like the specific profiles of the conditional access logic, are always appreciated. I do understand it, but I may always be missing something. I've seen a few Microsoft documentation pages where we can actually write code for conditional access as well. I'm not sure if this is standard for Azure AD B2C, but if it is, I would very much like to know more details about it.

Thanks for all the help!!

Ray

Developer technologies | C#