Published in The new control plane

·Jun 22

Linking a federated login against an existing Azure AD B2C local account

This post was inspired by this stackoverflow question. It refers to this sample policy. I have posted around linking here and here so I thought it was worth exploring the subject further. Normally, when you federate with AAD, B2C creates a “shadow” local account. The identity structure looks like this: …

Azure Ad B 2 C

5 min read

Published in The new control plane

·Jun 20

Fixing one of the Azure AD B2C samples that blocks a disabled federated user.

This was inspired by a stackoverflow question. It refers to a B2C sample custom policy. Looking at it, I felt like Alice in Wonderland: “Curiouser and curiouser!’ cried Alice”. This is an old sample. It still uses “socialIdpUserId”. <! — The claim socialIdpUserId has been renamed to issuerUserId → I…

Azure Ad B 2 C

2 min read

Published in The new control plane

·Jun 15

Getting an access token in Azure AD B2C

There’s a good write-up here. Let’s go through the steps. I have an API that’s configured in App Registration called “ToDo API”.

Azure Ad B 2 C

2 min read

Published in The new control plane

·Jun 13

Searching for Identities in Azure AD B2C using the Graph API

I discussed Identities here. You may find that you get an error when you try and add an identity. Maybe it’s a duplicate? The question is how to find the duplicate identity in B2C? You can find the search query parameters here. I’ve used the B2C user utility. The search…

Azure Ad B 2 C

2 min read

Published in The new control plane

·May 25

Using identities and linking them in Azure AD B2C

There’s a good description of identities in Azure AD B2C here. To paraphrase: “A customer account, which could be a consumer, partner, or citizen, can be associated with these identity types: Local identity — The username and password are stored locally in the Azure AD B2C directory. …

Identity

7 min read

Using identities and linking them in Azure AD B2C

Published in The new control plane

·May 17

Using a QR code with Azure AD B2C

There’s a custom policy sample for TOTP here. There’s some documentation around MFA and TOTP display controls The sample assumes that you are only going to proof up with one authentication application. To that end, it calls “AzureMfa-GetAvailableDevices” and in the user journey, it checks “numberOfAvailableDevices” and if zero, then…

Azure Ad B 2 C

3 min read

Published in The new control plane

·Apr 12

Using nested JSON in a REST API call with Azure AD B2C

There are two good references for this: here and here. As usual, we use Beeceptor and the gist of the custom policy is here. The Beeceptor API is:

Azure Ad B 2 C

2 min read

Published in The new control plane

·Mar 23

API HTTP server errors with Azure AD B2C

Have a read of this post first. Notice how a managed HTTP 409 API error is displayed on the user’s screen. But what happens if the API returns a HTTP server error? You can configure HTTP errors in Beeceptor.

Azure Ad B 2 C

2 min read

API HTTP server errors with Azure AD B2C

Have a read of this post first.

Notice how a managed HTTP 409 API error is displayed on the user’s screen.

But what happens if the API returns a HTTP server error?

You can configure HTTP errors in Beeceptor.

Published in The new control plane

·Mar 22

Issues with an Azure AD B2C self-asserted page calling a ValidationTechnicalProfile

I’ve had a number of issues with a self-asserted page calling a validation TP. In the validation TP, I set a flag. Later on in the user journey, I test the flag but it never seems to be set. e.g. the validation TP has something like: <TechnicalProfile Id="regexAnalysisSignInName"> <DisplayName>Check signInName…

Azure Ad B 2 C

1 min read

Published in The new control plane

·Mar 9

Mocking Azure AD B2C REST API calls

There are a number of mocks out there but I’m currently using Beeceptor. You can register and get a free account in minutes. Then you specify your root API URL. In my case, it’s: b2cxxx.free.beeceptor.com Now I want to mock a “Get customer details” call from B2C. …

Azure Ad B 2 C

3 min read

Linking a federated login against an existing Azure AD B2C local account

Fixing one of the Azure AD B2C samples that blocks a disabled federated user.

Getting an access token in Azure AD B2C

Searching for Identities in Azure AD B2C using the Graph API

Using identities and linking them in Azure AD B2C

Using a QR code with Azure AD B2C

Using nested JSON in a REST API call with Azure AD B2C

API HTTP server errors with Azure AD B2C

API HTTP server errors with Azure AD B2C

Issues with an Azure AD B2C self-asserted page calling a ValidationTechnicalProfile

Mocking Azure AD B2C REST API calls

Rory Braybrook