Has anyone tried to use Azure B2C for their external users through their own homegrown portal? We are running into issues trying to use OIDC as the protocol to secure it and have SSO work properly. OIDC's security model is to restrict 3rd party initiated logins so once we have users login to our portal, and pass the tokens from our portal to another app, we get an issuer mismatch error from our apps and can't create an SSO login experience for our users.

1.9k views1 Upvote2 Comments

Sort by:

VP of Engineering in Insurance (except health)2 years ago

We do not use azure b2c in our company – we use aws and okta - but it sounds like there's a configured trust missing. Depending how your team set it up the trust is missing either between different auth servers or missing policies across apps within an auth server. Sorry I don't have a better answer but I hope this helps!

VP of Application Development in Finance (non-banking)2 years ago

This article uses a sample JavaScript single-page application (SPA) to illustrate how to add Azure Active Directory B2C (Azure AD B2C) authentication to your SPAs. https://learn.microsoft.com/en-us/azure/active-directory-b2c/configure-authentication-sample-spa-app

Also this may be helpful if they are using .NET https://learn.microsoft.com/en-us/entra/msal/dotnet/acquiring-tokens/desktop-mobile/social-identities

Content you might like

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented

What is your business’ top priority as it prepares for the post COVID-19 world?

Ensuring business resiliency17%

Boosting revenue growth54%

Reducing costs17%

Accelerating innovation6%

Transforming your business model4%

View Results

How would you rate the ease of using your existing IT tools (Admin portal, scripting tools, etc.) to find selected files in your cloud collaboration platform and make bulk access permission changes? Rate on a scale of 1 to 5 (1 being the hardest and 5 being the easiest)

18%

230%

338%

418%

54%

View Results

Our organization is subject to data retention requirements over very long periods (50 years or more). Do your organizations face similar constraints? If so, what long-term retention strategy have you implemented for these regulated data, and what technologies or solutions do you use to ensure their durability and compliance?

I'm keen to understand what other companies name their 'infrastructure and operations' department. A recent change has led to a team merge, and the team themselves aren't enthralled by the department name, Infrastructure & Operations. Team responsibilities include: Enterprise technology (Cloud compute, collaboration tools, Operations and Service Desk) Development experience (Cloud hosting, code mgt, deployment pipelines, APis etc)

Sort by:

Content you might like

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented

What is your business’ top priority as it prepares for the post COVID-19 world?

How would you rate the ease of using your existing IT tools (Admin portal, scripting tools, etc.) to find selected files in your cloud collaboration platform and make bulk access permission changes? Rate on a scale of 1 to 5 (1 being the hardest and 5 being the easiest)

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

DevSecOps: Strategies, Organizational Benefits and Challenges

Green Cloud Computing

Omnicloud: The Future of Cloud Computing?

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go