Showing posts with label B2C features blade. Show all posts
Showing posts with label B2C features blade. Show all posts

Wednesday, May 17, 2017

Azure Active Directory B2C- Register your application

If you have the B2C features blade pinned to your Startboard, you will see the blade as soon as you sign in to the Azure portal as the Global Administrator of the B2C tenant.
You can also access the blade by clicking More services and then searching Azure AD B2C in the left navigation pane on the Azure portal.

Register a web application

  1. On the B2C features blade on the Azure portal, click Applications.
  2. Click +Add at the top of the blade.
  3. Enter a Name for the application that will describe your application to consumers. For example, you could enter "Jo B2C App".
  4. Toggle the Include web app / web API switch to Yes. The Reply URLs are endpoints where Azure AD B2C will return any tokens that your application requests. For example, enter https://localhost:38143/.
  5. Click Create to register your application.
  6. Click the application that you just created and copy down the globally unique Application Client ID that you'll use later in your code.
  7. If your web application will also be calling a web API secured by Azure AD B2C, you'll want to create an Application Secret by going to the Keys blade and clicking the Generate Key button.

Register a web api

  1. On the B2C features blade on the Azure portal, click Applications.
  2. Click +Add at the top of the blade.
  3. Enter a Name for the application that will describe your application to consumers. For example, you could enter "Jo B2C api".
  4. Toggle the Include web app / web API switch to Yes. The Reply URLs are endpoints where Azure AD B2C will return any tokens that your application requests. For example, enter https://localhost:38143/.
  5. Enter an App ID URI. This is the identifier used for your web API. For example, enter 'notes'. It will generate the full identifier URI underneath.
  6. Click Create to register your application.
  7. Click the application that you just created and copy down the globally unique Application Client ID that you'll use later in your code.
  8. Click on Published scopes. This is where you define the permissions (scopes) that can be granted to other applications.
  9. Add more scopes as necessary. By default, the "user_impersonation" scope will be defined. This gives other applications the ability to access this api on behalf of the signed-in user. This can be removed if you wish.
  10. Click Save.

Register a mobile/native application

  1. On the B2C features blade on the Azure portal, click Applications.
  2. Click +Add at the top of the blade.
  3. Enter a Name for the application that will describe your application to consumers. For example, you could enter "Jo B2C App".
  4. Toggle the Include native client switch to Yes.
  5. Enter a Redirect URI with a custom scheme. For example, com.onmicrosoft.jollsam.appname://redirect/path. 
  6. Click Save to register your application.
  7. Click the application that you just created and copy down the globally unique Application Client ID that you'll use later in your code.
  8. If your native application will also be calling a web API secured by Azure AD B2C, you'll want to create an Application Secret by going to the Keys blade and clicking the Generate Key button.

Choosing a redirect URI

There are two important considerations when choosing a redirect URI for mobile/native applications:
  • Unique: The scheme of the redirect URI should be unique for every application. In our example (com.onmicrosoft.jollsam.appname://redirect/path), we use com.onmicrosoft.jollsam.appname as the scheme. We recommend following this pattern. If two applications share the same scheme, the user will see a "choose app" dialog. If the user makes an incorrect choice, the login will fail.
  • Complete: Redirect URI must have a scheme and a path. The path must contain at least one forward slash after the domain (for example, //jollsam/ will work and //jollsam will fail).

Build a Quick Start Application

Now that you have an application registered with Azure AD B2C, you can complete one of our quick-start tutorials to get up and running