This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 66%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
Hello,
We have a requirement to integrate ADB2C with Okta as an external Identity Provider. There are 3 use cases I see:
I was able to set up B2C integration with Okta for #1 and #2 via B2C Custom policies. However, for the #3 I am wondering if it's even possible. And if yes than how.
Hi @Marina Gurevich · Thank you for reaching out.
When B2C is added as external IDP to Okta, after a successful authentication, a token is passed by B2C to Okta. Azure AD B2C can't be configured with SCIM or any other protocol for user provisioning to its relying parties. Can Okta provisions users by utilizing the claims in the token issued by B2C, is a question for Okta.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
My question is about Okta added as external IDP. Not other way around.
Hi @Marina Gurevich · In that case B2C will always do a Sign-up (Account Creation) at initial authentication for a given user account. For subsequent authentications, a sign-in will be performed.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
@AmanpreetSingh-MSFT Can we provision users into Azure AD B2C from Azure AD B2B?
We want to automatically provision users in B2C when B2B users access apps
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 28.000000000000004%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
Hi Marina,
i have similar use case
Okta has users imported from the on-prem Active Directory and authenticated with AD credentials via Okta.
can you please share the details and custom policy code how we can do that .
awaiting eagerly for your response as we a project in progress.
Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 88%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
Sorry for late reply, I was on vacation.
I registered a new OIDC App Integration in OKTA pointing the sign-in redirect uri to the B2C instance. https://developer.okta.com/docs/guides/add-an-external-idp/apple/register-app-in-okta/
Also, you need to configure an Access Policy in Okta for your OIDC Application.
For custom policies in B2C I used the examples in this link https://github.com/mleziva/azure-b2c-okta-custom-policy
Let me know if you have further questions.