Multiple Azure AD tenant B2C custom policy for Dynamics 365

Syed Palayathar 486 Reputation points
2021-03-22T20:35:24.553+00:00

Hello Friends

I have an issue in using a custom Azure B2C policy flow for multi-tenant Azure AD for Dynamics 365.

Background:

We have a Dynamics 365 instance. Our users [contacts] in Dynamics 365 are our customers who use different Azure AD tenants, as they are from different enterprises. So far we were using ADFS for these users' access to our applications.

We are now attempting to use Azure B2C tenant for our customers so that they all can use SSO whilst accessing our instances of Dynamics 365, when they are logged on to their enterprise's Azure AD tenants.

PS: Kindly note that integrating an Azure AD tenant or other IDPs is working flawlessly for Dynamics 365 following this link.

Question:

This means that we need to use a custom policy for multi-Azure AD tenants.

Is it possible to use Azure AD multi-tenant with Azure B2C [custom flow] for a **Dynamics 365 instance** [Office 365]?

Issue:

I was attempting to create custom policy flows for Azure AD multi-tenant for Azure AD B2C following this link.

I have created a multi-Azure AD tenant flow using custom policies. This works fine from the policy itself [i.e. using run now endpoint].

I can already see that I am authenticated by the Azure AD B2C tenant when I log in.

However, when I tried to access it from the Dynamics 365 portal app, we get an error.

I noticed that when accessing from the custom policy flow itself [i.e. when I click "Run flow"], the browser redirects to the correct address [https://sxxxxxxx.b2clogin.com/xxxxxxx.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=xxxxxxxxxccc&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fsxxxxxxxx.microsoftcrmportals.com%2Fsignin-aad-b2c_2&scope=openid&response_type=id_token&prompt=login].

The error occurs when I click "Azure AD B2C New" from the Dynamics 365 website itself, https://xxxxxxxx.microsoftcrmportals.com; it brings me to this portal with an error message:

https://xxxxxxxx.microsoftcrmportals.com/Account/Login/ExternalLogin?ReturnUrl=%2Fanding-page%2F


1 answer

  1. JamesTran-MSFT 36,796 Reputation points Microsoft Employee
    2021-03-31T21:31:04.697+00:00

    @Syed Palayathar
    Thank you for your post and I apologize for the delayed response!

    When it comes to Dynamics 365, please keep in mind that this isn't supported here on Q&A. If you'd like to work with our Dynamics experts, they're actively answering questions within their Microsoft Dynamics 365 Community Forums.

    For B2C integration with Dynamics, I did find a Stack Overflow post which I'll share below.

    There is a built-in integration between Azure AD B2C and Dynamics 365 for Customer Engagement that enables external customer sign-ins using local accounts and/or any federated social identity providers.

    See the Customize the Azure AD B2C user interface for portals article for more information about configuring Azure AD B2C as an identity provider for the Dynamics 365 for Customer Engagement portal.

    Additional Links:
    Configure the Azure Active Directory B2C provider (Preview)
    Set up a B2C tenant in Commerce

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
