This guide shows you how to configure a User Flow Policy in Azure AD B2C. After you have done this, you may configure OpenID Connect.

Azure AD B2C user flows and user policies can be very complex. We cannot possibly cover all the options here, but will show some examples of what to configure.
It is recommended to use a standardized “User flow” if you can (see ), but for special requirements it is possible to configure custom policies (see https://learn.microsoft.com/en-us/azure/active-directory-b2c/custom-policy-overview ).

Setting up a User Flow

1. New user flow

...

Select the recommended flow.

...

2. Set up user flow

Give your user flow an appropriate name, choose the MFA policy you want, and select user attributes and claims. As you can see, it is not necessarily possible to select email addresses as a return claim. This is potentially limiting when used with Kantega SSO, since the user cannot be provisioned to your Atlassian application with JIT provisioning at this point.

...

3. Configure claims

After your new flow has been created, select it and go to Application claims. Here, make sure that Email Addresses, Given Name, Surname, Display Name and User’s Object ID are selected.

...
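One way to check the result of step 3, as an added example that is not part of the original guide: decode an ID token from a test sign-in and list which of the selected attributes are missing. The claim names (`given_name`, `family_name`, `name`, `oid`/`sub`, `emails`/`email`) are assumptions about what your flow emits, and the sample token is constructed.

```python
import base64
import json

# Claim names assumed for the step 3 attributes; confirm against your own tenant's token.
REQUIRED = {"given_name": "Given Name", "family_name": "Surname",
            "name": "Display Name"}


def decode_payload(jwt):
    """Decode a JWT payload WITHOUT verifying it (inspection only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated JWT segments")
    segment = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(segment))


def extract_email(claims):
    """Return an address from 'emails' (list) or 'email' (string), else None."""
    emails = claims.get("emails")
    if isinstance(emails, list) and emails and isinstance(emails[0], str):
        return emails[0]
    email = claims.get("email")
    return email if isinstance(email, str) and email else None


def missing_claims(claims):
    """List the selected attributes that are absent or empty in the token."""
    missing = [label for key, label in REQUIRED.items() if not claims.get(key)]
    if not (claims.get("oid") or claims.get("sub")):
        missing.append("User's Object ID")
    if extract_email(claims) is None:
        missing.append("Email Addresses")
    return missing


def _b64(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample token (fake signature); the email claim is left out on purpose.
SAMPLE = ".".join([
    _b64({"alg": "RS256", "typ": "JWT"}),
    _b64({"sub": "00000000-0000-0000-0000-000000000001", "name": "Test User",
          "given_name": "Test", "family_name": "User"}),
    "c2ln"])

if __name__ == "__main__":
    print(missing_claims(decode_payload(SAMPLE)))
```

An empty list means every attribute needed for JIT provisioning is present; the decoder skips signature validation, so use it only to inspect tokens from your own test sign-ins.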

By default, a B2C user flow does not return the email attribute, or any other data, from the userinfo endpoint. To change this, you have to configure a custom user policy, which requires some work.

...

Add the email claim as an <OutputClaim> in the SignUpOrSignin policy file under SocialAndLocalAccounts:

...

With this starter pack you will then be able to configure a profile for the userinfo endpoint. This Microsoft guide explains in more detail how to configure a userinfo endpoint: https://learn.microsoft.com/en-us/azure/active-directory-b2c/userinfo-endpoint?pivots=b2c-custom-policy


Uploading the custom policy

...

You might encounter issues uploading the custom policy. If so, this automated tool helps you deploy the starter pack: https://b2ciefsetupapp.azurewebsites.net. Read more about custom policies in Microsoft’s guide:

...