Get Started with Azure Active Directory B2C – Part 2

In the first part of the tutorial, you learnt about the Azure Active Directory B2C solution for your consumer-facing web and mobile applications. We also walked through the first step of using Azure Active Directory B2C: creating a new Azure AD B2C tenant.

In Part 2, you will register your web application, and create your sign-up and sign-in policies.

Register your Web app

Now it’s time to register a Web app in your B2C tenant. Click Manage | Applications | Add.

Enter “MyWebApp” as the Name in this demo and toggle Include web app / web API to Yes. This will provide some additional configuration options.

Add localhost:44316/ as a Redirect URI. This is where Azure AD B2C will post tokens back on successful sign up or sign in. For this exercise, we will be running the web app locally using Visual Studio.

Click Create at the bottom of the blade to create the application reference. It will take a few moments to commit.

When your application shows up in the Applications blade, click it. Then copy the Application Client ID assigned to it.

Create your Sign-up Policy

Next, you need to create a sign-up policy. Policies are settings that fully describe consumer identity experiences such as sign-up, sign-in, profile editing, and password reset. Your app can trigger the appropriate experience by invoking the right policy (as a query parameter ‘p’) as part of the authentication request. From the Settings blade, select Sign-up policies | Add.

Enter “sign_up” as the Name. Your policy name will be automatically prefixed with “b2c_1_”.

For Identity Providers, select Email sign-up and click OK. This enables consumers to sign up with an email address and password.

For Sign-up attributes, select City, Country/Region, Display Name, and Postal Code and click OK. These are the attributes collected from a consumer during sign-up (i.e., on a registration form).

For Application claims, select Display Name, Postal Code, User is new, and User’s Object ID and click OK. These are the claims returned in a token to your app after a successful sign-up.

You can ignore Multifactor authentication and Page UI customization for now. Click Create at the bottom.

Create your Sign-in Policy

You now need to create a sign-in policy. From the Settings blade, select Sign-in policies | Add.

Enter “sign_in” as the Name. Once created, your policy name will be automatically prefixed with “b2c_1_”.

For Identity Providers, select Local Account SignIn and click OK. This enables consumers to sign in with email addresses and passwords.

For Application claims, select Display Name, Postal Code, and User’s Object ID and click OK. These are the claims returned in a token to your app after a successful sign-in.

You can ignore Multifactor authentication and Page UI customization for now.

Click Create at the bottom.
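
The Client ID, Redirect URI and the two policy names now come together in the authentication request. The following is an added example, not code from the original tutorial: it builds the request with the policy in the ‘p’ query parameter and checks the response posted back to the Redirect URI, including that the token was issued by the policy the app invoked. The tenant name, the Client ID value, the https scheme on the Redirect URI, the login.microsoftonline.com v2.0 authorize endpoint and all function names are assumptions.

```python
import secrets
from urllib.parse import urlencode

# Placeholders (assumptions): use your own tenant and the Client ID you copied.
TENANT = "contoso.onmicrosoft.com"
CLIENT_ID = "00000000-0000-0000-0000-000000000000"
REDIRECT_URI = "https://localhost:44316/"  # must match the registered URI exactly
POLICIES = {"sign_up": "b2c_1_sign_up", "sign_in": "b2c_1_sign_in"}
AUTHORIZE = f"https://login.microsoftonline.com/{TENANT}/oauth2/v2.0/authorize"


def build_auth_request(experience):
    """Return (url, session); keep `session` server-side until the POST arrives."""
    policy = POLICIES[experience]  # KeyError for an experience with no policy
    session = {"policy": policy,
               "state": secrets.token_urlsafe(16),   # binds response to this browser
               "nonce": secrets.token_urlsafe(16)}   # binds token to this request
    query = urlencode({
        "p": policy,
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "response_type": "id_token",
        "response_mode": "form_post",
        "scope": "openid",
        "state": session["state"],
        "nonce": session["nonce"],
    })
    return f"{AUTHORIZE}?{query}", session


def check_response(form, claims, session):
    """Check the form POSTed to the Redirect URI.

    `claims` must come from an ID token whose signature, issuer and expiry a
    JWT library has already verified; this function does not do that.
    """
    if not secrets.compare_digest(form.get("state", ""), session["state"]):
        return "state mismatch"
    if claims.get("aud") != CLIENT_ID:
        return "wrong audience"
    if not secrets.compare_digest(claims.get("nonce", ""), session["nonce"]):
        return "nonce mismatch"
    # The issuing policy is carried in `tfp` (or `acr` in older tokens).
    issued_by = (claims.get("tfp") or claims.get("acr") or "").lower()
    if issued_by != session["policy"].lower():
        return "token issued by a different policy"
    return "ok"
```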
