Integrate Azure AD B2C with App Service Authentication

cbley 1 Reputation point
2021-05-27T13:10:09.243+00:00

Hi.

We have an App Service running in Azure.

A third party has created an AD B2C for us, provided us with the client id and secret and profile URLs for signup / signin, edit profile and change password.

Now, we were trying to set up this AD B2C as an Identity Provider in the Authentication blade in the Azure portal for our App Service.

So far so good, requesting /.auth/login/aad?post_login_redirect_url=/user-info in the browser redirects to the login page, but after signing in this error is shown:

{"code":401,"message":"An error of type 'unauthorized_client' occurred during the login process: 'AADB2C90057: The provided application is not configured to allow the 'OAuth' Implicit flow.\r\nCorrelation ID: b17d0ae0-...\r\nTimestamp: 2021-05-27 13:05:49Z\r\n'"}

How can we configure that the Authentication support in Azure uses the Authorization Flow? Is there an alternative way to integrate AD B2C as an IdP for an App Service somehow?

Thanks!


1 answer

  1. AmanpreetSingh-MSFT 56,616 Reputation points
    2021-05-28T11:32:46.71+00:00

    Hi @cbley · Thank you for reaching out.

    When App Service is configured with Authentication, it by default uses hybrid authentication and requests code+Id_token, and requires you to select the checkbox for ID tokens in the Authentication blade of the application whose client id you are using. To configure it, navigate to:

    Azure Active Directory > App Registrations > Your Application > Authentication > under Implicit grant and hybrid flows section > select the checkbox for ID tokens (used for implicit and hybrid flows).

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
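
As an added illustration of the answer above (not part of the original thread and not Microsoft's code): a small Python check that reads `response_type` from the authorize redirect to tell which implicit grant checkbox the app registration needs, and pulls the B2C error code out of the 401 body quoted in the question. The authorize URL, tenant, policy name and client id are constructed placeholders; `enableIdTokenIssuance` and `enableAccessTokenIssuance` are the Microsoft Graph property names for the two checkboxes.

```python
import json
import re
from urllib.parse import urlsplit, parse_qs

# Error body returned by /.auth/login/aad, as quoted in the question above.
EASYAUTH_ERROR = r'''{"code":401,"message":"An error of type 'unauthorized_client' occurred during the login process: 'AADB2C90057: The provided application is not configured to allow the 'OAuth' Implicit flow.\r\nCorrelation ID: b17d0ae0-...\r\nTimestamp: 2021-05-27 13:05:49Z\r\n'"}'''

# Constructed sample of the authorize redirect (tenant, policy, client_id are placeholders).
AUTHORIZE_URL = (
    "https://contoso.b2clogin.com/contoso.onmicrosoft.com/B2C_1_signupsignin"
    "/oauth2/v2.0/authorize?response_type=code+id_token"
    "&client_id=00000000-0000-0000-0000-000000000000&scope=openid"
    "&redirect_uri=https%3A%2F%2Fexample.azurewebsites.net%2F.auth%2Flogin%2Faad%2Fcallback"
)

def classify_flow(authorize_url):
    """Map response_type to the OAuth flow and the app-registration settings it needs."""
    query = parse_qs(urlsplit(authorize_url).query)  # '+' decodes to a space
    types = set(query.get("response_type", [""])[0].split())
    front_channel = types & {"id_token", "token"}  # tokens returned by the authorize endpoint
    if types == {"code"}:
        flow = "authorization_code"
    elif "code" in types and front_channel:
        flow = "hybrid"
    elif front_channel:
        flow = "implicit"
    else:
        flow = "unknown"
    return {
        "flow": flow,
        "response_types": sorted(types),
        "enableIdTokenIssuance": "id_token" in types,   # "ID tokens" checkbox
        "enableAccessTokenIssuance": "token" in types,  # "Access tokens" checkbox
    }

def parse_login_error(body):
    """Extract the OAuth error type and the AADB2C/AADSTS code from the 401 body."""
    doc = json.loads(body)
    msg = doc["message"]
    kind = re.search(r"error of type '([^']+)'", msg)
    code = re.search(r"\b(AADB2C\d+|AADSTS\d+)\b", msg)
    return {"http": doc["code"],
            "oauth_error": kind.group(1) if kind else None,
            "sts_code": code.group(1) if code else None}

if __name__ == "__main__":
    print(parse_login_error(EASYAUTH_ERROR))
    print(classify_flow(AUTHORIZE_URL))
```
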

