In this video, Sharon demonstrates how to configure a Microsoft identity for use with the B2C Azure Active Directory for authentication.
- [Instructor] The next thing with the B2C directory is we could use identity providers with authenticator users. These providers could be Facebook, Microsoft, Google Plus, Amazon, or LinkedIn. Right now, if I go ahead and select identity providers, our only options are a user name or email. In order for me to configure a social identity provider, I will have to actually configure in the identity provider's registration portal. For our demonstration, I'm going to use a Microsoft account as our identity provider.
The first thing I need to do is to register my application within the Microsoft application registration portal. The first thing I'm going to do is go ahead an add it now. I'm going to go ahead and provide a name. I'm working off my Star Trec Next Generation theme so I'm going to use STNG. I'm going to go ahead and create the application. Next, I'm going to go ahead and copy the application ID. I'll need to use this in the add your portal.
Next, I need to specify the platform that we're using. I'm going to go ahead and click add platform. In our case it is Web. And finally, I need to enter our URL for our redirects. Microsoftonline.com/te/ I've already started adding in the URL which happens to be https://login.microsoftonline.com/te/.
And then you need to add in the tenant's name. I don't recall what the tenant's name is off the top of my head so I'm going to pop back into my B2C directory just to verify my name. I'm back in the Azure B2C active directory and I can see here it is StarTrecNextgen.allmicrosoft.com. For ease of use and reduced typos I'm just going to go ahead and copy that and I'm going to flip back to my application portal. I'm going to go ahead and enter that in and I'm not done yet.
We get to keep going. I'm going to add in oauth2 and finish it off with an authorization response. And then click add URL. Next you have to scroll up a little bit and generate the new password. As this is the only time we'll be able to see this password, I'm going to go ahead and copy that and I've gone ahead and saved that password in a notepad document just for ease of use.
And finally, under advanced options if Live SDK is not already selected, you'll want to go ahead and select that. And because I went and copied my password, I need to recopy my application ID. Here we go, we are all set here. I'm going to go ahead and click Save. Now these instructions will be different depending on the social identity provider that you are using. Now we can pop back to our tenant. We're back in our tenant, now we can go ahead and select identity providers and we can click add, provide a name.
I'm going to do this for MSAccount. Select your identity provider type, this will be Microsoft then click okay and then set up the identity provider. Client ID will be your application ID that we've copied and saved and then the secret so that will be that password that you notated earlier. You can go ahead and click OK.
We can go ahead and click Create. This will take a few moments to be created and there we go, we have now added in a social identity provider into our B2C Azure active directory.
- Azure AD
- Adding company branding
- Adding a custom domain
- AD Connect configuration
- AD Connect Health
- Administering users and groups
- Configuring SaaS applications
- Granting conditional access
- Revoking access
- Application proxy and discovery
- Integrating web and desktop applications
- Creating an Azure AD B2C directory
- Registering an application
- Creating a Microsoft identity