Azure AD B2C Not Displaying Custom Signup Page

Question

I'm building an AspNet Core 2.1 website using Azure AD B2C authentication, based on the example code I found here.

I can authenticate against the Google identity provider. But instead of showing a custom page based on the attributes I selected for the signup/signin policy in the Azure AD B2C portal, all I get is the normal Google authentication page asking me which Google account I want to authenticate against.

I was able to display a custom page listing all the attributes I'd defined in an earlier version of my project, which used the deprecated microsoftonline.com domain. But now that I'm using the recommended b2clogin.com domain the page is no longer appearing. I don't know if that change has anything to do with the missing page, but I thought I'd mention it.

My appsettings.json file is:

{
  "AzureADB2C": {
    "ApiScopes": "https://ridemonitor.onmicrosoft.com/api/user.read",
    "ApiUrl": "https://ridemonitor.azurewebsites.net/hello",
    "CallbackPath": "/signin-oidc",
    "ClientId": "**redacted**",
    "Domain": "ridemonitor.onmicrosoft.com",
    "EditProfilePolicyId": "b2c_1_ProfileEditing",
    "Instance": "https://ridemonitor.b2clogin.com/tfp",
    "RedirectUri": "https://localhost:44305/signin-oidc",
    "ResetPasswordPolicyId": "b2c_1_PWReset",
    "SignUpSignInPolicyId": "b2c_1_SignUpIn"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Warning"
    }
  },
  "AllowedHosts": "*"
}

Update

I've configured two identity providers for my app, Google and Microsoft Account. The Microsoft Account provider does, in fact, display a customized page listing all the attributes I set in the Azure AD B2C portal when I authenticate it. It's just the Google route which has stopped displaying the custom attribute page.

The redirect uri in Google Cloud Platform -> Credentials is:

https://ridemonitor.b2clogin.com/ridemonitor.onmicrosoft.com/oauth2/authresp

which is the url I should be sent to, and used to be sent to by the Google identity provider, and is the url the Microsoft Account identity provider sends me to when I try to log in.

It looks like I need to update something in my Google configuration, but I'm not sure what.

Update #2

Using the Chrome developer's console, and Link Redirect Trace, I tried to see how I ended up on the pages I ended up on after clicking both the Google and Microsoft Account signin/signup links.

The Google button lands me on the generic Google login page. The initial redirect (there are several subsequent ones) appears to be:

https://accounts.google.com/signin/oauth?client_id=769952297467-qhqd9brt7pl4sra1hnjhnnqchce2h6f1.apps.googleusercontent.com&as=c-8m6tr-h2tUDpRHqIApkQ&destination=https://ridemonitor.b2clogin.com&approval_state=!ChR4aFltdld5TGNwWUEyUlA1R0R6TRIfczBDdExlN01TRElYa013TWpqbVNUV1h5alREUVloWQ%E2%88%99ANKMe1QAAAAAW7K6uQbexonsHodkbBOebSymUYB1yufO&oauthgdpr=1&xsrfsig=AHgIfE8msp705-PG2II5uHWqjoODqYSLPg

The initial redirect for the Microsoft Account button is:

https://login.live.com/oauth20_authorize.srf?client_id=704398a8-908a-4512-9cc0-4453014b4714&redirect_uri=https%3a%2f%2fridemonitor.b2clogin.com%2fridemonitor.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=TQsICDEyv245x1E4pkQynQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6ZjBlYmQ4OTUtNmVjYS00NzBhLWE4ZDYtY2U4NTgyYzFmZmNjIiwiVElEIjoiNzIwZDg5NDEtNmM2Zi00YzIzLWI5MWEtZDMyZjJjODA5Yjk4In0

Comparing the two initial redirects, what's interesting is that the one for Google does not contain a parameter for the redirect_uri. Which I presume is the place the browser should be sent after a successful authentication.

Yet my Google credentials page would appear to be set up correctly:

Or am I maybe not configuring stuff in the right part of the Google ecosystem? I thought I was following some Microsoft directions regarding Google credentials, but...

Azure AD B2C Not Displaying Custom Signup Page

Answers (1)

Related Questions