This post explains how to configure Azure B2C for the PowerApps portal. This presupposes having an active Azure B2C tenant.

Steps to configure

Configure Azure AD B2C settings

Register a new App

  1. Sign in to the Azure B2C tenant
  2. From the left-hand side blade, select Manage > App registrations > + New registration

Configure the registered App

1. Type a Name
2. Under Supported account types, select Accounts in any identity provider or organizational directory (for authenticating users with user flows)
3. In the Redirect URI field, type the PowerApps portal Reply URL, e.g. https://yourportalname.powerappsportals.com/signin-aad-b2c_1
4. Mark the Grant admin consent to openid and offline_access permissions checkbox.
5. Select Register.

Create a New user flow

1. Open Azure AD B2C
2. From the left blade, select Policies > User flows > + New user flow

3. On the next page, “Create a user flow”, select the Sign up and sign in flow type.

4. Then, select the Recommended version and click Create.

5i. Type a Name for the user flow, e.g. Powerapps-Portal-Signup-Signin.

5ii. Under Identity providers, select Local accounts > Email signup *

* If you have configured other identity providers such as Microsoft or Google, you can select them as well.

6. For Multifactor authentication, leave the default settings, Type of method [Email] and MFA enforcement [Off]

7. Under User attributes and token claims, select the attributes and claims you want to collect during a new sign-up. For example, in the demo app, I have selected the Given Name and the Surname.
8. At the final step, select Create.

Configure the User flow

Change the Token compatibility settings

1. Open the Sign up and sign in flow
2. From the left blade, select Settings > Properties, change the Issuer (iss) claim to the URL that includes tfp, and click Save.

3. Run user flow, and then click on the OpenID configuration URL to open a new tab on the browser.

4. Copy the Issuer URL from the browser.*

*Make sure to copy the URL without the quotation marks “”

At this point, you have finished with the registered app. What you need for the configuration is:

i. Application (client) ID

ii. Issuer URL 

https://##########.b2clogin.com/tfp/########-####-####-####-############/b2c_1_powerapps-portal-signup-signin/v2.0/

iii. Redirect URL

Configure Portal Authentication settings

  1. Log in to https://make.powerapps.com

Select Identity providers > Azure AD B2C and click Configure.

Now, copy and paste the necessary values to the Site settings section.

Authority: => Issuer URL
Client ID: => Application (client) ID
Redirect URL: => Redirect URL
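
A mistyped Authority or Redirect URL is the usual reason sign-in fails after these steps, so the values are worth checking before they are saved. The following is an added example, not part of the original post: it compares the issuer from the user flow's OpenID configuration with the values about to be pasted. The function name, the contoso tenant and the GUID are constructed placeholders.

```python
import json
import re
from urllib.parse import urlsplit

# Issuer shape shown on this page: https://<host>/tfp/<tenant GUID>/<policy>/v2.0/
TFP_PATH = re.compile(
    r"^/tfp/[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}/(?P<policy>[^/]+)/v2\.0/$",
    re.IGNORECASE,
)

def check_portal_settings(openid_config_json, authority, user_flow,
                          registered_redirect, portal_redirect):
    """Return a list of problems; an empty list means the values agree."""
    problems = []
    issuer = json.loads(openid_config_json).get("issuer", "")
    # The issuer must be copied without the JSON quotation marks.
    if authority != authority.strip(' "\u201c\u201d'):
        problems.append("Authority carries quotation marks or spaces")
    if authority != issuer:
        problems.append("Authority differs from the issuer in the OpenID configuration")
    parts = urlsplit(issuer)
    if parts.scheme != "https":
        problems.append("Issuer is not an https URL")
    # Without the tfp token compatibility setting the path has no /tfp/ segment.
    match = TFP_PATH.match(parts.path)
    if match is None:
        problems.append("Issuer is not in the tfp format")
    elif match["policy"].lower() != f"b2c_1_{user_flow}".lower():
        problems.append("Issuer policy does not match the user flow name")
    if urlsplit(portal_redirect).scheme != "https":
        problems.append("Redirect URL is not https")
    # The portal value has to equal the Redirect URI on the registered app.
    if portal_redirect != registered_redirect:
        problems.append("Redirect URL differs from the one registered on the app")
    return problems

# Constructed sample values (tenant name and GUID are placeholders).
TENANT_ID = "11111111-2222-3333-4444-555555555555"
ISSUER = f"https://contoso.b2clogin.com/tfp/{TENANT_ID}/b2c_1_powerapps-portal-signup-signin/v2.0/"
OPENID_CONFIG = json.dumps({"issuer": ISSUER})
REDIRECT = "https://yourportalname.powerappsportals.com/signin-aad-b2c_1"

if __name__ == "__main__":
    print(check_portal_settings(OPENID_CONFIG, ISSUER,
                                "Powerapps-Portal-Signup-Signin", REDIRECT, REDIRECT))
```
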
