Integrating AD with B2C

Venkata 151 Reputation points
2020-06-17T13:40:21.607+00:00

Hello,

I am building on a custom solution with Azure B2C and AD.

I have created a tenant in B2Cand AD and now I am stuck at connecting B2C and AD so that I can use B2C tenant as Master for adding new AD requests. May be publishing tenant as an application in the AD enterprise gallery.

So, all new AD requests should be tied to B2C master tenant and should be able to do SSO with B2C supported identity providers and provision users from AD to B2C and then to an external application.

I am happy to provide additional information required. Thank you

//V

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,768 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,575 questions
{count} votes

5 answers

Sort by: Most helpful
  1. AmanpreetSingh-MSFT 56,506 Reputation points
    2020-06-17T15:19:32.76+00:00

    Hello @VenkataPabbisetty Not sure if I understood your requirement correctly. From your statement:

    "all new AD requests should be tied to B2C master tenant and should be able to do SSO with B2C supported identity providers and provision users from AD to B2C and then to an external application"

    I understood that you want new user request should go to B2C tenant, which should use the Azure AD tenant as Identity Provider, do SSO and provision user from that Azure AD tenant to B2C tenant.

    If that is the case, you can refer to below document for adding Azure AD tenant as IDP in your B2C user flow:

    Note: SSO would depend on whether user has cookies in the browser session or if the device has PRT to perform SSO. If you don't have these, there won't be SSO.


    Please do not forget to "Accept the answer" wherever the information provided helps you. This will help others in the community as well.


  2. Venkata 151 Reputation points
    2020-06-17T18:29:37.46+00:00

    @amanpreetsingh-msft- I followed the steps as listed in the above two docs and able to make some progress.

    When I executed the sign-in user test flow- I am getting DIRECTORY not found an error

    https://[tenant].b2clogin.com/[tenant].onmicrosoft.com/oauth2/authresp#error=server_error&error_description=AADB2C%3a+A+claim+with+id+%27UserId%27+was+not+found%2c+which+is+required+by+ClaimsTransformation+%27CreateAlternativeSecurityId%27+with+id+%27CreateAlternativeSecurityId%27+in+policy+%27B2C_1_SignUpandIn%27+of+tenant+%27beigngabotb2c.onmicrosoft.com%27.%0d%0aCorrelation+ID%3a+6f32c80b-298c-4f45-bdd5-809d78e0a1da%0d%0aTimestamp%3a+2020-06-17+17%3a28%3a24Z%0d%0a

    Also, can you help how to configure the Auth URL?

    https://[tenant].b2clogin.com/[tenant].onmicrosoft.com/oauth2/authresp

    Please assist

    Thank you for all the help //V

    0 comments No comments

  3. AmanpreetSingh-MSFT 56,506 Reputation points
    2020-06-18T14:29:12.473+00:00

    @VenkataPabbisetty The authresp url should be configured with your B2C tenant name. If your B2C tenant name is beigngabotb2c, the URL will look like : https://beigngabotb2c.b2clogin.com/beigngabotb2c.onmicrosoft.com/oauth2/authresp

    Now the error "A claim with id 'UserId' was not found, which is required by ClaimsTransformation 'CreateAlternativeSecurityId' with id 'CreateAlternativeSecurityId'" can occur due to configuration issues in your policy xml files. I would suggest you to download a new copy of Starter Pack (use either SocialAccount or SocialandLocalAccount) template and start from scratch:

    https://learn.microsoft.com/en-us/azure/active-directory-b2c/custom-policy-get-started https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-azure-ad-single-tenant-custom?tabs=app-reg-ga

    Please let me know if you have any questions.


  4. Amit Verma 1 Reputation point
    2020-10-30T06:20:25.007+00:00

    Hello Guys

    we are facing this Issue can you also let us know how we can fix this Issue ?

    0 comments No comments

  5. jalsql 1 Reputation point
    2022-07-12T22:12:03.263+00:00

    ran into similar issues using custom policies. will try from scratch as bandwidth allows. Hope we find a solution :)

    0 comments No comments