Is there a way of connect Entra External Id to our Azure B2C federation without using b2c login flow
We have a partner that going to provide a mobile client and Api layer and also there own Microsoft Entra External ID server. That is fine and a good solution. They can solve how the mobile app will login with Entra External ID, but we have in our business system the users within Azure B2C. I have done some reading and it does seems like we can use Entra´s Custom Extensions to get custom claims from B2C. But when it comes to Authentication and federation we would like Entra to have its own user flow since (not using B2C flows) mobile app is totally different than business system.
Do anybody know or have experience of conencting these two in a federation context?
Adding third-party OIDC connections to Entra External ID is now in public preview.
The documentation is here.
The B2C-specific documentation is here.
In External ID, add the B2C connection under “External Identities”.
Set up the basics of the OIDC connection:
The “well-known endpoint” is:
https://b2ctenant.b2clogin.com/b2ctenant.onmicrosoft.com/ B2C_1A_signup_signin_OIDC/v2.0/.well-known/openid-configuration
where “B2C_1A_signup_signin_OIDC” is the SUSI custom policy you created above.
Configure the B2C side as per the links above.
Add this provider to an External ID user flow, and then when you run it, you will see:
I have described the above flow in a post on my blog as well.
- "Schema" property not found in Postgres Connector
- Downloading file from Azure blob storage via Memory Stream
- Reading env variable from template.yaml
- HTTP Error 500.30 - ASP.NET Core app failed to start - Azure
- Azure DevOps Pipelines: TerraformTaskV4: init with different subscription and Workflow Identity Federation
- Enabling HTTPS for a Azure blob static website
- How to search across many Azure Devops Git project and find all files which contain specific text AND which filename contains "Resource"
- Hosting SPA with Static Website option on Azure Blob Storage (clean URLs and Deep links)
- Using Managed Identity to Access Azure OpenAI Service
- Azure data factory not loading
- Transfer encrypted dataprotection keys from a windows vm to azure keyvault
- Refresh powerBI data with additional column
- Azure Application Insights AKS - How to Create 1 custom alert rule which will trigger multiple alerts, but with different names (per pod name)?
- gRPC and REST side by side in Azure App Service, Linux Container
- Connecting to a SignalR WSS stream but not getting the response i am looking for
- SignalR prevent user from opening multiple sessions in different tabs
- Application Insights -_logger.LogInformation
- CosmosDB is not allowing serverless capabalities to NoSQL, it says I must use CapacityMode
- Azure Webapp / Website Swap : HTTP Ping Error
- Microsoft Graph API - Update phoneMethods is no longer working
- Use Azure Key Vault secret in Header section of Web Activity
- Azure Storage blob getting the io.netty.channel.StacklessClosedChannelException while generating /downloading the from SasUrl
- How do I save and later load Azure AnalyzeResult object in python?
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- Azure ADF - HTTP : Table from list
- Self hosted azure devops build agent not getting tool from $PATH
- Azure devops pipeline stages template nesting
- Azure APIM is returning the incorrect HTTP response error when call is missing mandatory querystring parameter
- Azure DevOps build pipeline logid for a specific task - dynamically
- PS script to fetch the list non-compliance resource list with respect to policy from multiple subscriptions