Azure B2C Custom Policy - Detect user company based on email address and forward to their SSO provider

Huy Nguyen 51 Reputation points
2019-12-12T17:57:49.417+00:00

Hi,

I have successfully created a new Social login button on our B2C login screen for custom providers, but as we have more customers using our B2C logins, I would like to remove those social login buttons and auto detect the customer's company by their sign in email address and forward to their SSO provider's login page.

How can I do this with the Trust Framework Custom Policy?

Thanks,
Huy Nguyen

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,921 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. FrankHu-MSFT 976 Reputation points
    2019-12-13T00:50:42.697+00:00

    Hey @Huy Nguyen you could utilize custom JavaScript that parses the username and performs the expected action accordingly. You can learn more about custom javascript and b2c here : https://learn.microsoft.com/en-us/azure/active-directory-b2c/user-flow-javascript-overview

    For more reference on this see the sso reference page below.
    https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-sso-custom

    If you're interested in a more fleshed out solution from B2C in the portal or perhaps better documentation on how to do this, I suggest filing this as product feedback here : https://feedback.azure.com/forums/169401-azure-active-directory

    And if there's enough community support the product team will look into putting this on the roadmap to implement accordingly.

    3 people found this answer helpful.

  2. AmanpreetSingh-MSFT 56,661 Reputation points
    2019-12-13T04:01:13.907+00:00

    @Huy Nguyen You can use the sample: Sign In policy with Home Realm Discovery and a Default Identity Provider for this purpose.

    Note: This sample is in private preview. Make sure you test all scenarios before implementing it in your production environment.

    -----------------------------------------------------------------------------------------------------------

    Please "mark as answer" or "vote as helpful" wherever the information provided helps you to help others in the community.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.