azure-ad-b2c

Is there a way to programmatically create users for testing with Azure AD B2C? The only way to create users that I am aware of is through website signup. Am I missing something? Yes, Azure AD B2C Graph API allows CRUD operations on users. You can create a user by sending a "POST" request to the /users endpoint. The following documentation demonstrates this with a "B2CGraphClient" utils written in C# : Azure AD B2C: Use the Graph (see GitHub link in the page to download the sample code) Please note there are two types of user account in Azure AD B2C : "local accounts" and "work or school

I have this scenario where we have to authenticate corporate users via Azure AD, but the external users via Azure AD B2C - all from the same login screen. There are a few web applications which will share this capability. The applications come from various technology stacks, ranging from .Net to Java-Spring + Angular 2. What is your recommended approach for this? Apologies, if this question has already been asked and answered, but couldn't find much guidance on this. Will MSAL library solve this? Besides, there aren't any MSAL implementation for Java yet. Will Azure AD B2C Premium support this

I don't understand how the 'Scopes' in Azure B2C are supposed to be used. They are associated with an API, but not a user. I'm sure I'm missing something, but I see no practical use for something associated with an API. I've used and implemented Claims-based authentication based on a user's role in the database. For example: ordinary users of an API should not have the authority to delete an object, but administrators should have the authority. Does someone have a practical example of how these B2C 'Scopes' can be used to limit a users access to the API? They are associated with an API, but

my angular app has 1000s unique routes and users should be able to click on login button from any of those pages. Have implemented msal.js basing on this sample : https://github.com/Gimly/simpleAngularAzureB2C/blob/master/src/app/authentication.service.ts I am getting following error when calling login method: AADB2C90006:+The+redirect+URI+' http://localhost:39579/unique-uri '+provided+in+the+request+is+not+registered+for+the+client+id+ Is there a way to get around this? Thanks! By default, the Msal.UserAgentApplication constructor sets the "redirect_uri" request parameter to the current URL,

I am creating new users in Azure AD B2C using the graph client api. The json i send to the api looks like the following: { "creationType": "LocalAccount", "passwordProfile": { "password": "a:898;keJPpN/69X", "forceChangePasswordNextLogin": true }, "passwordPolicies": "DisablePasswordExpiration", "objectId": null, "accountEnabled": true, "displayName": "John Doe", "mailNickname": "john.doe", "signInNames": [ { "type": "emailAddress", "value": "john.doe@provider.com" } ] } The user is then created correctly. However, once I try to login with the newly created user using the flow "Sign in v2", I

We are using AD B2C for authentication on our web app. Last week we started receiving a 403.76 when calling our APIs that are hosted in Azure and locked down by Active Directory using our AD B2C tenant. We haven't changed any config settings in AD when the change occurred. We rolled back all of our code which didn't help. We verified that our token is valid in jwt.io. We confirmed that our audience is correct and permissions was set properly in app registrations. We can see the easy auth error 403.76 when going in to "Diagnose and solve problems" section of the function app and drilling into