App setup in Azure B2C For External Portal

You can set up apps in Azure B2C for external Portal users. Follow the steps below to set up apps in Azure B2C:


  1. Create an Azure AD B2C tenant with the help of the link below:

    https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-tenant


  2. Create an application in the Azure AD B2C tenant, with the help of the steps below.


  3. Switch to your newly created Azure AD B2C directory (created in step 1).


  4. In the B2C tenant directory (created in step 1), open Azure AD B2C and click on App Registrations > New Registration.


  5. In the App registration window, in The display name for this application, provide a valid name for the app (for example AppForPortal), and in Supported Account type select Accounts in any organizational directory or any identity provider for authenticating users with Azure AD B2C.


  6. In the App registration window, in Redirect URI select SPA and in URL provide the portal URL (if you don’t have the Portal URL yet, you can leave this blank for now and update it later, but it is needed for the app to function). Check Grant admin consent to openid and offline_access permissions and click on Register.


  7. Select the newly created application and in API permissions check that the openid permission is present. This permission is added by default.


  8. Select the newly created app, go to Authentication, check the Access Token and ID token check boxes, and click on Save.


  9. In the newly created app, go to User flows and click on New user flow.


  10. Under Create a user flow, select Sign-in, under Version select Recommended, and click on Create to create the SignIn policy.


  11. In Name, provide any valid name, for example “signin”, and in Identity Providers check the Email signin checkbox. In Return claims, click Show More and check the Email Addresses checkbox. Click OK and Create.


  12. For the selected app, create another user flow by clicking on User flows and then on New user flow.


  13. Under Create a user flow, select Sign up, under Version select Recommended, and click on Create to create the SignUp policy.


  14. Provide a valid name, for example “signup”. Under Identity Providers, check the Email Signup checkbox. In claims, click Show More and check the Email Address and Display Name check boxes. Then click on OK and Create.


  15. Open the Sign up user flow and select Application claims. In Application claims, check the Email Addresses checkbox and click on Save.


  16. Create a new user flow for password reset. Click on User flows and then click on New user flow.


  17. On the Create a user flow screen, select Password reset, under Version select Recommended, and click on Create.


  18. Under Name, provide a valid name, for example “passwordreset”. Under Identity providers, check the Reset Password using email address checkbox. In claims, click Show More, select the Email Addresses checkbox, and click OK and Create.
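
How the app registration and the three user flows above are consumed by the portal's SPA code, and how to confirm that an ID token came from the expected user flow with the Email Addresses claim. This is an added example, not part of the original instructions; the function names are hypothetical, and the tenant name, client ID and portal URL are constructed placeholders.

```javascript
// Added example. Flow names are the ones suggested in steps 11, 14 and 18.
const FLOWS = { signIn: "signin", signUp: "signup", passwordReset: "passwordreset" };

// The portal prepends "B2C_1_" to the name typed when a user flow is created.
function policyId(name) {
  return name.startsWith("B2C_1_") ? name : `B2C_1_${name}`;
}

// Build SPA settings (same shape as an MSAL.js configuration object) for the
// app registration, with one authority URL per user flow.
function buildB2cSettings(tenant, clientId, redirectUri) {
  const u = new URL(redirectUri); // throws on a malformed URL
  const isLocal = u.hostname === "localhost" || u.hostname === "127.0.0.1";
  // Conservative check: HTTPS only (HTTP for local development), no wildcard
  // and no fragment, so tokens are only returned to the exact portal URL.
  if (u.protocol !== "https:" && !(u.protocol === "http:" && isLocal)) {
    throw new Error("redirect URI must use https (http only for localhost)");
  }
  if (u.hash || redirectUri.includes("*")) {
    throw new Error("redirect URI must not contain a fragment or wildcard");
  }
  const host = `${tenant}.b2clogin.com`;
  const authorities = {};
  for (const [key, name] of Object.entries(FLOWS)) {
    authorities[key] = `https://${host}/${tenant}.onmicrosoft.com/${policyId(name)}`;
  }
  return {
    authorities,
    msal: { auth: { clientId, authority: authorities.signIn, knownAuthorities: [host], redirectUri } },
  };
}

// Check decoded ID token claims. Assumes the signature and issuer were already
// verified by the auth library; returns a list of problems (empty = accepted).
function checkIdTokenClaims(claims, clientId, expectedFlow, nowSec = Math.floor(Date.now() / 1000)) {
  const problems = [];
  if (claims.aud !== clientId) problems.push("aud is not this application");
  const flow = String(claims.tfp || claims.acr || "").toLowerCase();
  if (flow !== policyId(expectedFlow).toLowerCase()) problems.push("issued by an unexpected user flow");
  if (!Array.isArray(claims.emails) || claims.emails.length === 0) problems.push("emails claim missing");
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) problems.push("token expired");
  return problems;
}

// Constructed sample values (placeholders, not real identifiers).
const sampleSettings = buildB2cSettings("exampletenant", "00000000-0000-0000-0000-000000000000", "https://portal.example.com/");
console.log(sampleSettings.authorities);
```

An empty list from checkIdTokenClaims means the token is for this app, was issued by the expected user flow, carries the Email Addresses claim selected in steps 11 and 15, and has not expired.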