We have already looked at an ASP.NET Core 2.2 application that leveraged Auth0 for authentication. We will now direct our attention to developing a similar application that leverages Azure Active Directory B2C (Azure AD B2C) for authentication.
First we will need to create our Azure AD B2C tenant in the Azure portal.
Log in to the Azure portal.
Click Create a resource, search for B2C and then select Azure Active Directory B2C.
Click Create.
Creating an Azure Active Directory B2C resource is a two-step process: the first step creates the tenant and the second step links it to your subscription.
Select Create a new Azure AD B2C Tenant.
Enter an Organization name and Initial domain name.
Note that the domain name must be unique and supports a maximum of 27 characters.
Click Create.
It will take a few minutes to create the Azure AD B2C tenant. Once it has completed, click Link an existing Azure AD B2C Tenant to my Active subscription.
Select the subscription you want to link the Azure AD B2C Tenant to. You will also have to link it to a resource group; in this example, we created a new resource group.
Click Create.
Now that the directory is created and linked to your subscription, it is ready for us to configure the application, but first we will need to switch to the new directory.
Click on your profile picture in the upper right corner of the Azure portal and click Switch directory.
Select the correct Azure AD B2C Tenant.
The new tenant will open.
Once inside, search for Azure and select Azure AD B2C.
Select Applications and click Add.
This is the beginning of the configuration required for our application to leverage Azure AD B2C for authentication.
Provide a Name.
Make sure Web App/Web API is set to Yes.
Add the URL for the AzureADB2CWebApp as the Reply URL.
You will find this value in the Project Properties on the Debug tab.
Click Create.
We now need to add our attributes to capture the user’s Display Name and Phone when they sign up.
Click User Attributes and then click Add.
You will only need to add an attribute for Phone; Display Name is already provided as a Built-in attribute.
Next you will need to create a user flow for the sign-in and sign-up process.
Click User flows and then click New user flow.
Select the Preview tab and click Sign-up and sign-in v2.
You will need to provide a Name for your workflow and select Email signup as the Identity provider.
You will also need to select the attributes you want to collect on sign-up and which ones you would like to return as claims.
That’s it!
The Azure AD B2C Tenant is now all set to integrate with our application.
In Part 3 we will Convert Our Application to Authenticate with Azure AD B2C.