
Why is an Azure B2C app registration owned app not appearing in Enterprise Applications?

I've registered the B2C SAML app with help from https://docs.microsoft.com/en-us/azure/active-directory-b2c/saml-service-provider?tabs=windows&pivots=b2c-custom-policy

I'd like to try IdP-initiated sign-in using myapplications.onmicrosoft.com, but I could not find my SAML app on the myapplications list. I guess the reason is that the "App registration" based SAML application is not displayed under the B2C tenant Active Directory "Enterprise Applications" blade. In IdP-initiated sign-in, will myapplications.onmicrosoft.com only show the app icons from the enterprise applications list?

My questions are:

  1. Why is an Azure AD B2C "App registrations" owned SAML application not listed under the B2C tenant's enterprise applications? Is this expected behaviour?

  2. If I need to use an IdP-initiated sign-in page for my B2C SAML application, what would be the correct approach?

I'd appreciate it if you could shed any light on this.

Thanks.

Yes that is expected.

The federation-style app registration (SAML or WS-Federation) is intended to provide an IdP for old apps (SAML or WS-Federation) living in another realm. As they have nothing to do with AAD B2C, an Enterprise application (the local representation or service principal of the app) is not needed. Also, they are pretty old protocols compared to OAuth2/OpenID Connect.

So in the AAD world, you want to register your app using the default app registration, where you can choose single tenant (an enterprise application will be automatically created in the same tenant) or multiple tenant (manually create an enterprise application in each tenant), and you use OAuth2/OpenID Connect to initiate login.

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/azure-ad-b2c?view=aspnetcore-5.0

To answer the second question, it's described here.

You need to set:

<Item Key="IdpInitiatedProfileEnabled">true</Item>

and the URL is of the form:

https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/<policy-name>/generic/login?EntityId=app-identifier-uri
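Where that setting sits in a B2C custom policy, as an added example that is not part of the original answer: the `Item` goes in the `Metadata` of the SAML relying party technical profile. The user journey reference and the output claims below are assumed placeholders; use the ones from your own policy.

```xml
<!-- Added example: relying party section of a SAML custom policy.
     "SignUpOrSignIn" and the output claims are assumed placeholders. -->
<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <!-- The policy issues SAML assertions to the registered application -->
    <Protocol Name="SAML2" />
    <Metadata>
      <!-- The setting from the answer above: allows the
           .../generic/login?EntityId=... URL to start the flow -->
      <Item Key="IdpInitiatedProfileEnabled">true</Item>
    </Metadata>
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="displayName" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="objectId" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="objectId" ExcludeAsClaim="true" />
  </TechnicalProfile>
</RelyingParty>
```

With IdP-initiated sign-in there is no AuthnRequest for the service provider to correlate the response against, so the receiving application should still validate the assertion's signature, audience and validity window.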
