cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcing the general availability of two key features in Azure AD B2C
By
Alex Simons (AZURE)
Published Aug 15 2019 09:00 AM 16.3K Views
Alex Simons (AZURE)
Microsoft
‎Aug 15 2019 09:00 AM

Announcing the general availability of two key features in Azure AD B2C

‎Aug 15 2019 09:00 AM

Howdy folks,

 

I’m excited to announce the general availability of two key features in Azure AD B2C. First, is the ability to add custom OpenID Connect (OIDC) identity providers for user flows. Second, is the capability to passthrough the access token from identity providers to your application.

 

Adding custom OIDC identity providers 


Our custom policies currently allow you to use any OIDC identity provider. We extended this capability to the built-in user flows. Just like you can sign in users into Azure AD B2C via Facebook and Google, you can now use any other OIDC identity providers in your user flows. You can even use this to allow users to sign in to Azure AD B2C using their Azure AD work accounts.

 

To set this up, on the Identity Providers blade, click the New OpenID Connect provider button, and enter the OIDC metadata information. For details, read Set up sign-up and sign-in with OpenID Connect using Azure Active Directory B2C.

 

OpenID Connect identity provider configuration in the Azure portal.OpenID Connect identity provider configuration in the Azure portal.

 

Use the access token from identity providers in your application

We made it easier for your application to leverage the power of social identity providers and their APIs. When a user signs in using an identity provider, like Facebook, your application can now get the identity provider's access token passed through as part of the Azure AD B2C token. You’ll be able to use this access token when you call the identity provider’s API, such as the Facebook Graph API. To learn more, read Pass an access token through a user flow to your application in Azure Active Directory B2C.



Identity provider access token in an Azure AD B2C token.Identity provider access token in an Azure AD B2C token.

We always love to hear your feedback and suggestions. Let us know what you think in the comments below or email the team at aadb2cpreview@microsoft.com. 

 

Best regards,

Alex Simons (@Alex_A_Simons)

Corporate VP of Program Management

Microsoft Identity Division

3 Comments
Sahil_Malik
Microsoft
‎Aug 15 2019 10:05 AM
‎Aug 15 2019 10:05 AM

The second capability, "Use the access token from identity providers in your application", I assume that can also be used with AAD as an IdP, making it easier to call Graph under user identity, right? Also, how can I request new access tokens for new resources from the identity provider, after I sign on?

Mr_Smith
Iron Contributor
‎Aug 19 2019 06:58 AM
‎Aug 19 2019 06:58 AM

Just sent some feedback; love if you can add some more input and output claims functionality; even to simple modify the output claims in the UI. The XML modifications have a lot of possibilities, but it's time consuming and not so easy to use. Love the pass-through concepts that opens for a lot more options to deliver even more great secure possibilities.

0 Likes
Like
Andreas Helland
Iron Contributor
‎Aug 22 2019 12:55 AM
‎Aug 22 2019 12:55 AM

@Mr_SmithI agree that the ClaimsTranformations in XML are slightly cumbersome to work with. I don't know your use cases, or if you have solved them, but I find myself using Azure Functions more and more to process both inbound and outbound claims. (Now inlining that into the custom policies could be entertaining as a new feature.)

Version history
Last update:
‎Jul 24 2020 01:36 AM
Updated by: