Raj

Reputation: 907

Azure AD B2C Importing in users

I have a requirement to create a B2C directory and use the graph to import members in from an old .NET Membership based app.

So I followed this tutorial https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet which states I have to create a B2C directory using PowerShell.

Steps I have taken

1) Created a new global admin user in the classic management portal

2) Installed the PowerShell modules and followed the tutorial to create the application in this directory by using the global credentials.

If I use the sample app from https://github.com/AzureADQuickStarts/B2C-GraphAPI-DotNet.git, I can connect to this app and can query it as expected.

Problems

1) I can't see the app anywhere in the Azure (or classic) portal under the tenant? I actually think I have managed to create a few apps using this tutorial but have no idea what tenant they have fallen under as I can't see them!

2) If I try to connect to the same app using the quickstart webapp https://github.com/AzureADQuickStarts/B2C-WebApp-WebAPI-OpenIDConnect-DotNet I get an error on the Microsoft hosted page saying

'Sorry, but we're having trouble signing you in. We track these errors automatically, but if the problem persists feel free to contact us. In the meantime, please try again. Correlation ID: XXXXXXXXXXXXXXXXXXXXXXXXX Timestamp: 2017-03-01 17:37:35Z AADB2C90018: The client id 'XXXXXXXXXXXXXXXX' specified in the request is not registered in tenant 'http://MYTENANTB2C.onmicrosoft.com '.'

I did also try numerous ways of doing this via PowerShell on a directory created in the portal but couldn't get anywhere.

Can you outline some more explicit steps on how to achieve this requirement as there seems to be very little info on how to achieve this.

Update...

I actually did create the B2C app in the new portal, and used the same links to create the signup-sign in web app which works perfectly fine. The problem I was having is that I cannot connect to this directory using the Graph quickstart app.

I managed to get some progress. The problem was I was connecting to the wrong Azure Directory (Seems like I have more than 1 'Azure directory' under my name, as I have a Bizspark account and then the AD B2C had to be in a Free Trial subscription so created another 'Azure Directory'. Very confusing).

Once I created the service principal, I can now find it in the classic portal and also via console using Get-MsolServicePrincipal | ft DisplayName, AppPrincipalId -AutoSize so that's progress! However I still cannot see it in the new portal, so therefore how would I set up everything else? (e.g. the reply URL, get access keys, enable webapp/webapi/native etc). For the graph client, I need the Client Secret but I'm confused whether this should be the one generated in PowerShell or the Keys you can generate in the new portal (which I can't do as I can't see the app!)

Sorry, real newbie at this!

Upvotes: 2

Views: 3177

Answers (2)

Karthikeyan VK

Reputation: 6006

Microsoft has updated learn.microsoft.com, which lets you create the Graph API app in the Azure portal itself, but it will be an application created in Azure AD, not a B2C application. For importing users you need to download https://github.com/AzureADQuickStarts/B2C-GraphAPI-DotNet and create a custom class where you can pull the data and then call the CreateUser(args) method in Program.cs, or use this sample to import data.

Upvotes: 1
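As an illustration of the "custom class" step described in this answer, the following added example (not part of the answer and not code from the B2C-GraphAPI-DotNet sample) maps one old Membership row to the JSON body of an Azure AD Graph create-user request for a B2C local account. The `MembershipUser` record, the `B2CImport` class and the sample row are hypothetical names constructed here. It assumes .NET 5 or later, and that the old passwords are stored hashed and cannot be carried over, so each account gets a random temporary password.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text.Json;

// Constructed sample row; a real import would read these from the Membership tables.
var row = new MembershipUser("jsmith", "J.Smith@example.com", IsApproved: true, IsLockedOut: false);
Console.WriteLine(B2CImport.ToCreateUserJson(row));

// Hypothetical shape of one exported Membership user (not a type from the sample).
record MembershipUser(string UserName, string Email, bool IsApproved, bool IsLockedOut);

static class B2CImport
{
    const string Upper = "ABCDEFGHJKLMNPQRSTUVWXYZ", Lower = "abcdefghijkmnpqrstuvwxyz",
                 Digits = "23456789", Symbols = "!@#$%^&*";

    static char Pick(string s) => s[RandomNumberGenerator.GetInt32(s.Length)];

    // Temporary password from the OS CSPRNG: one character of each class, then shuffled.
    public static string TempPassword(int length = 20)
    {
        var chars = new List<char> { Pick(Upper), Pick(Lower), Pick(Digits), Pick(Symbols) };
        while (chars.Count < length) chars.Add(Pick(Upper + Lower + Digits + Symbols));
        for (int i = chars.Count - 1; i > 0; i--)   // Fisher-Yates shuffle
        {
            int j = RandomNumberGenerator.GetInt32(i + 1);
            (chars[i], chars[j]) = (chars[j], chars[i]);
        }
        return new string(chars.ToArray());
    }

    // Body for an Azure AD Graph create-user request for a B2C local account.
    public static string ToCreateUserJson(MembershipUser u)
    {
        if (string.IsNullOrWhiteSpace(u.Email) || !u.Email.Contains('@'))
            throw new ArgumentException($"No usable e-mail for '{u.UserName}'");
        var body = new Dictionary<string, object>
        {
            ["accountEnabled"] = u.IsApproved && !u.IsLockedOut, // keep disabled users disabled
            ["creationType"] = "LocalAccount",
            ["displayName"] = u.UserName,
            ["signInNames"] = new[] { new Dictionary<string, string>
                { ["type"] = "emailAddress", ["value"] = u.Email.Trim().ToLowerInvariant() } },
            ["passwordProfile"] = new Dictionary<string, object>
                { ["password"] = TempPassword(), ["forceChangePasswordNextLogin"] = false },
            ["passwordPolicies"] = "DisablePasswordExpiration"
        };
        return JsonSerializer.Serialize(body, new JsonSerializerOptions { WriteIndented = true });
    }
}
```

The request has to be sent with a token issued for the B2C directory itself; a token for another directory under the same account will not reach the B2C users.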

Fei Xue

Reputation: 14649

1) I can't see the app anywhere in the Azure (or classic) portal under the tenant? I actually think I have managed to create a few apps using this tutorial but have no idea what tenant they have fallen under as I can't see them!

By default, the Azure portal doesn't show those service principals which are not associated with an application. However, we can show these service principals by filtering the apps using AppPrincipalId, like the figure below: [image]

2) If I try to connect to the same app using the quickstart webapp https://github.com/AzureADQuickStarts/B2C-WebApp-WebAPI-OpenIDConnect-DotNet I get an error on the Microsoft hosted page saying

To build an application that accepts consumer sign-up and sign-in with an Azure AD B2C app, we cannot use applications registered in the Applications tab on the classic Azure Management Portal (PowerShell, as above, also doesn't work) for this.

We need to use the Azure AD B2C features blade to register the app. We can access the blade by clicking More services and then searching for Azure AD B2C in the left navigation pane on the Azure portal (refer here for the details of registering the apps). Below is a helpful link for integrating Azure AD B2C sign-up and sign-in in an ASP.NET web app:

Azure AD B2C: Sign-Up & Sign-In in a ASP.NET Web App

In addition, if you have any ideas or feedback about Azure, you can submit it from this forum.

Update

Grant the Azure AD Graph permission to the app.

Classic portal: [image]

New portal: [image]

Upvotes: 1
