Tags: azure-ad-b2c, azure-ad-b2c-custom-policy

Azure B2C multi-tenant Microsoft Entra ID doesn't allow sign in as another Microsoft account


After following this tutorial to set up AD B2C multi-tenant for Microsoft sign-in: Set up sign-in for multitenant Microsoft Entra ID using custom policies in Azure Active Directory B2C, we encountered this issue:

  1. Make sure to log out of all Microsoft accounts.
  2. Sign in to the app through the B2C login page as Microsoft account A.
  3. B2C redirects to the app.
  4. Log out from the app; the app then redirects to the B2C login page.
  5. Try to sign in to the app again through the B2C login page as Microsoft account B.

Actual result: AD B2C automatically signs in as account A. Similar behavior happens here: B2C Live Demo

Is there a way for us to configure the AD B2C custom policy to always show the Microsoft "Pick an account" page and then choose which Microsoft user to sign in as? Thanks.


Solution

  • FYI, this answer works for me:

    1. Update the custom policy and define the 'prompt' input claim as a string:

       <ClaimType Id="prompt">
           <DataType>string</DataType>
       </ClaimType>

    2. Add the input claim 'prompt' to the 'AADCommon-OpenIdConnect' technical profile and set 'DefaultValue' to 'select_account':

       <InputClaims>
           <InputClaim ClaimTypeReferenceId="prompt" PartnerClaimType="prompt" DefaultValue="select_account" />
       </InputClaims>
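As an added example (not part of the answer above or of the Microsoft tutorial), here is a small offline check that a B2C custom policy file actually contains both pieces of the fix: the 'prompt' ClaimType in the ClaimsSchema and prompt=select_account passed by the AADCommon-OpenIdConnect technical profile. The embedded policy fragment is constructed for illustration and contains only the elements the check needs; the namespace, element names and profile id follow the B2C custom-policy schema and the tutorial's naming.

```python
import xml.etree.ElementTree as ET

# Default namespace used by B2C TrustFrameworkPolicy files.
NS = {"b2c": "http://schemas.microsoft.com/online/cpim/schemas/2013/06"}

# Constructed, minimal TrustFrameworkExtensions fragment with the fix applied.
POLICY_XML = """<TrustFrameworkPolicy xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
  <BuildingBlocks>
    <ClaimsSchema>
      <ClaimType Id="prompt">
        <DataType>string</DataType>
      </ClaimType>
    </ClaimsSchema>
  </BuildingBlocks>
  <ClaimsProviders>
    <ClaimsProvider>
      <TechnicalProfiles>
        <TechnicalProfile Id="AADCommon-OpenIdConnect">
          <Protocol Name="OpenIdConnect" />
          <InputClaims>
            <InputClaim ClaimTypeReferenceId="prompt" PartnerClaimType="prompt" DefaultValue="select_account" />
          </InputClaims>
        </TechnicalProfile>
      </TechnicalProfiles>
    </ClaimsProvider>
  </ClaimsProviders>
</TrustFrameworkPolicy>"""


def check_select_account(policy_xml: str, profile_id: str = "AADCommon-OpenIdConnect") -> list[str]:
    """Return findings for a policy; an empty list means the profile forces account selection."""
    root = ET.fromstring(policy_xml)
    findings = []
    # 1. The claim must be declared, otherwise the InputClaim reference is invalid.
    if root.find(".//b2c:ClaimsSchema/b2c:ClaimType[@Id='prompt']", NS) is None:
        findings.append("ClaimType 'prompt' is not declared in ClaimsSchema")
    # 2. The multi-tenant Microsoft profile must send prompt=select_account upstream.
    profile = root.find(f".//b2c:TechnicalProfile[@Id='{profile_id}']", NS)
    if profile is None:
        return findings + [f"TechnicalProfile '{profile_id}' not found"]
    claim = profile.find("b2c:InputClaims/b2c:InputClaim[@ClaimTypeReferenceId='prompt']", NS)
    if claim is None:
        findings.append(f"'{profile_id}' does not pass the 'prompt' input claim")
    elif claim.get("PartnerClaimType") != "prompt" or claim.get("DefaultValue") != "select_account":
        findings.append(f"'{profile_id}' sends prompt='{claim.get('DefaultValue')}' instead of 'select_account'")
    return findings
```

Note that select_account only forces the account picker on the next authorization request; it does not end the existing Microsoft session, so account A stays signed in at Microsoft until a sign-out is performed there as well.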