Setup custom domain URL
By default, your training portal is hosted on <name>.azurefd.net where <name>* is the website name entered by administrator at the time of platform deployment and installation.
Why configure a Custom Domain?
Some customers may prefer to keep their domain name at different providers for branding and trust purposes. We give you the option to “map” your learning portal to a domain of your choice.
If you’re looking to host your Microsoft Community Training instance on a custom domain of your choice, follow the instructions below.
Before you begin
- Make sure you’ve purchased a domain name of your choice from your domain provider (such as Namecheap, GoDaddy).
- Make sure you have access to the DNS registry for your domain provider. For example, to add DNS entries for contoso.com and
www.contoso.com
, you must be able to configure the DNS settings for the contoso.com root domain.
Steps to configure your custom domain URL
- Map the custom DNS name to point to your Microsoft Community Training instance, using a CNAME DNS record.
Note
Add your Front Door URL of your MCT instance wherever specified in the above documentation. It typically looks like https://<InstanceName>.azurefd.net/
Associate the mapped custom domain, with your Microsoft Community Training instance's Front Door resource.
Configure the SSL certificate for your Microsoft Community Training instance.
Use an AFD managed certificate for seamless certificate management, including procurement and renewal.Enable Web Application Firewall on your new domain.
(the setting is available just below the Custom Domain HTTPS configuration)
Select the WAF policy instance that is deployed in the same resource group.Click on the resource group belonging to your Microsoft Community Training instance.
Click on the Managed application instance.
Click on Managed resource group link.
Select the resource for your App Service.
From the left-menu, under Settings, click on Configuration.
Update the configuration setting ContentEndpoint with your custom domain name, followed by the path "/storage". For example -
https://contosolearning.contoso.com/storage
.Important
The above setting is required to be configured with the new custom domain you have created else it might generate issues.
Next based on your chosen identity type, follow the steps below:
For Social Accounts or email based authentication like Google, Microsoft and Facebook follow these steps
For Azure Active Directory (aka Work or School account) follow these steps
For phone number authentication, create a support ticket from Microsoft Community Training HelpDesk using the following values. Our support team will activate your custom URL in 2-3 business days and notify you of the change.
Field Description Title Enter "Set up custom domain URL" Type Select "Request" Subject Under Infrastructure Management, select "Set up custom domain URL" Description Provide your existing URL and new custom URL
Important
Before raising the support ticket for an instance enabled with Phone number authentication, please make sure your training portal is accessible with the configured custom domain. After opening the website, when you click on the SIGN IN the login page should return an error.
For Social Accounts like Google, Microsoft and Facebook
For Production Slot URL
Open B2C Tenant resource from Resource group.
Select Azure Active Directory B2C Settings
Select Applications under Manage and select the application
Under reply URL, please add your new custom domain URL in the format, "https:// {custom domain} /signin-b2c". For example, "https://contosolearning.contoso.com/signin-b2c".
Note
Please ensure the case for "/signin-b2c" is exactly as mentioned since the URL is case sensitive.
Click on Save.
For Staging Slot URL
Open B2C Tenant resource from Resource group.
Select Azure Active Directory B2C Settings
Create a new application. (+ Add)
Enter the name of the application.
Switch on “Web App / Web API”
Make sure “Allow implicit flow” is turned off and “Native Client” is turned off.
Set the reply URI for Azure AD B2C as <basedomain>/signin-b2c (e.g.: 'https://<name>-staging.azurewebsites.net/signin-b2c'. This URL will serve as a temporary testing URL on which the website will be deployed before moving to production.
Note
Please ensure the case for "/signin-b2c" is exactly as mentioned since the URL is case sensitive.
Click on Create
For Azure Active Directory (Work or School account)
For Production Slot URL
In Azure portal, select Azure Active Directory.
Then select App registrations.
Select the application from list of registered apps.
Select Authentication.
Now add the redirect URL in following format,"https:// {customdomain} /signin-azureAD" (e.g.: "https://contosolearning.contoso.com/signin-azureAD")
Note
Please ensure the case for "/azureAD" is exactly as mentioned since the URL is case sensitive.
Click on Save.
For Staging Slot URL
In Azure portal, select Azure Active Directory.
Then select App registrations.
Click + New application registration.
Enter Name of the application, select Application type “Web app/API”
Now add the redirect URL in following format, "https:// {websitename}-staging /signin-azureAD" (e.g "https://contosolearning-staging.azurewebsites.net/signin-azureAD")
Note
Please ensure the case for "/azureAD" is exactly as mentioned since the URL is case sensitive.
Click on Create
Troubleshoot for Custom Domain URL Setup
Following are some troubleshooting steps for the scenario when your website is not reachable even after following all of the above mentioned steps,
Check the DNS entry is propagated by any online tool available. Example.
There can be 2 cases:
No entry is present
Steps to mitigate
Update dns record in corresponding DNS provider. In the above case, the domain was purchased from Microsoft 365, so you will need to follow this documentation.
Every dns provider will have similar documentations. This is one more example from Godaddy
DNS entry is wrong
Steps to mitigate
The domain record should point to the correct AzureFD url (<name>.azurefd.net ). For example,