I have an Azure AD B2C tenant and there are 2 app registrations under it. One for my API and another for my UI application.
My identity provider is Ping Federate and my login is working correctly.
One thing which I have spotted here: even though my login process is happening through PING, there is a local account created here in Azure AD B2C also. The only thing which I can connect between the AD B2C account and the PING Federate user is its ID. There are a lot of fields for Azure AD B2C local accounts. Those fields are not populated. Only the ID and issuer are populated.
Excuse me for the last question that I am going to ask. Is there any way to create an implementation like, if I create an account in AD B2C, the same should automatically be created in PING also?
When you federate in B2C, you create a shadow account, not a local account.
Shadow accounts are usually created in a custom policy by calling “AAD-UserWriteUsingAlternativeSecurityId”, which writes the user entry using “AlternativeSecurityId” (the federated version of the local account “objectId”).
The purpose of this is to act as a placeholder for the user in B2C.
I wrote a post describing how to remove this.
If you would like to populate some fields from Ping, you need to add them to the shadow account.
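
A sketch of adding Ping attributes to the shadow account, as an added example that is not part of the original answer and assumes a custom policy built on the starter pack. The technical profile Id `Ping-OIDC`, the `PartnerClaimType` names and the choice of `jobTitle` are assumptions; use the claim names your Ping configuration actually releases, and declare `jobTitle` in the policy's `ClaimsSchema`.

```xml
<!-- Added example: fragment for the extensions policy file (assumes a starter-pack base policy). -->
<ClaimsProviders>
  <ClaimsProvider>
    <DisplayName>PingFederate</DisplayName>
    <TechnicalProfiles>
      <!-- "Ping-OIDC" is a hypothetical Id standing in for the existing Ping sign-in profile. -->
      <TechnicalProfile Id="Ping-OIDC">
        <OutputClaims>
          <!-- PartnerClaimType values are assumptions: match them to the claims Ping issues. -->
          <OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="sub" />
          <OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_name" />
          <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="family_name" />
          <OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name" />
          <OutputClaim ClaimTypeReferenceId="jobTitle" PartnerClaimType="title" />
        </OutputClaims>
      </TechnicalProfile>
    </TechnicalProfiles>
  </ClaimsProvider>
  <ClaimsProvider>
    <DisplayName>Azure Active Directory</DisplayName>
    <TechnicalProfiles>
      <!-- Same Id as the base profile, so this element is merged into it. -->
      <TechnicalProfile Id="AAD-UserWriteUsingAlternativeSecurityId">
        <PersistedClaims>
          <!-- The starter-pack profile already persists displayName, givenName and surname
               when the sign-in profile outputs them; any other attribute is added here. -->
          <PersistedClaim ClaimTypeReferenceId="jobTitle" />
        </PersistedClaims>
      </TechnicalProfile>
    </TechnicalProfiles>
  </ClaimsProvider>
</ClaimsProviders>
```

In the starter-pack journeys this write step runs only when the shadow account is first created, so accounts that already exist keep their empty fields until they are updated separately.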