Integrating Azure AD B2C
- Updated on 29 Jun 2023
What you need to get started
A Microsoft Azure account
If you don't have a Microsoft Azure account yet, visit azure.microsoft.com to create one.
An active directory B2C tenant
You also need an Azure Active Directory (B2C) tenant. This tenant will allow customers to use their own active directory. Microsoft offers a handy tutorial to create your tenant — Create an Azure Active Directory B2C tenant.
An application within your directory tenant
You also need a dedicated application within your Microsoft Azure account. Microsoft offers a handy tutorial to register your application — Register a web application.
Your application ID and directory tenant ID
Once you've created the application, copy the Application (client) ID and the Directory (tenant) ID and save them. You'll need them to enable the integration on the Admin Panel.
A client secret
You also need a client secret to enable the integration on the Admin Panel.
Click Certificates and Secrets in the navigation menu and then click on the Client Secret tab.
Click New client secret.
Name your secret and set an expiration period.
Azure sends you a reminder before the secret expires, but we strongly recommend also setting your own reminder in your calendar.
If the secret expires before you update it, users won't be able to log in to the Members Portal.
Copy the Value of your client secret (not the ID) and save it somewhere.
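An added example, not part of the Nexudus or Microsoft documentation: a small Python check you can schedule alongside the calendar reminder so an expiring secret is caught before logins fail. It reads JSON shaped like the output of `az ad app credential list --id <application-client-id>` and flags secrets that have expired or expire within `warn_days` (an assumed 30-day default); the sample names, key IDs and dates are constructed.

```python
import json
import re
from datetime import datetime, timezone

# Constructed sample shaped like the output of
#   az ad app credential list --id <application-client-id>
# (display names, keyId values and dates are made up for illustration).
SAMPLE = """
[
  {"displayName": "nexudus-portal", "keyId": "00000000-0000-0000-0000-000000000001",
   "endDateTime": "2023-12-29T10:00:00Z"},
  {"displayName": "nexudus-portal-old", "keyId": "00000000-0000-0000-0000-000000000002",
   "endDateTime": "2023-06-01T08:30:00.1234567Z"},
  {"displayName": "nexudus-portal-next", "keyId": "00000000-0000-0000-0000-000000000003",
   "endDateTime": "2023-07-10T00:00:00+00:00"}
]
"""

def parse_end(value):
    """Parse an endDateTime string into a timezone-aware UTC datetime."""
    value = re.sub(r"\.\d+", "", value)      # drop fractional seconds of any length
    value = re.sub(r"Z$", "+00:00", value)   # 'Z' suffix -> explicit UTC offset
    return datetime.fromisoformat(value).astimezone(timezone.utc)

def check_secrets(credentials, now, warn_days=30):
    """Return (status, days_left, displayName, keyId) per secret, soonest first."""
    report = []
    for cred in credentials:
        days_left = (parse_end(cred["endDateTime"]) - now).days
        if days_left < 0:
            status = "EXPIRED"      # logins through this secret already fail
        elif days_left <= warn_days:
            status = "EXPIRING"     # rotate and update the Client Secret field
        else:
            status = "OK"
        report.append((status, days_left, cred.get("displayName") or "", cred["keyId"]))
    return sorted(report, key=lambda row: row[1])

if __name__ == "__main__":
    now = datetime(2023, 6, 29, 12, 0, tzinfo=timezone.utc)  # fixed date for the sample
    for status, days, name, key_id in check_secrets(json.loads(SAMPLE), now):
        print(f"{status:9} {days:5d}d  {name}  {key_id}")
```

In real use, load the CLI's JSON output instead of `SAMPLE` and pass `datetime.now(timezone.utc)` as `now`.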
A user flow
The last element you need before enabling the integration on the Admin Panel is a user flow in Azure. The user flow defines the user details that your directory shares with Nexudus.
Azure offers a handy tutorial to help you create your user flow — Create user flows and custom policies in Azure Active Directory B2C
Collect Attributes
- City
- Country/Region
- Email address
- Given name
- Surname
Return claims
- City
- Country/Region
- Display Name
- Given name
- Surname
Integrating Azure Active Directory (B2C)
Make sure you have the following details handy to complete the process:
- Your Azure Active Directory (B2C) Directory (tenant) and Application (client) IDs
- Your Azure Active Directory (B2C) client secret
- Your Azure Active Directory (B2C) user flow
Log in to dashboard.nexudus.com if you aren't already.
Enable the Azure Active Directory integration toggle.
Enable the Create new users in Nexudus if they don't exist toggle if you want to automatically register users without an existing customer account as contacts in Nexudus.
Enable the Prevent users from using their Nexudus password to log in toggle if you want customers to only be able to use Azure AD to log in to their account.
Add your Azure Active Directory (B2C) Directory (tenant) ID in the Tenant ID field.
Add your Azure Active Directory (B2C) Application (client) ID in the Client ID field.
Add your Azure Active Directory (B2C) application's client secret in the Client Secret field.
Add the text you want to show customers on the Members Portal in the Sign in button label.
The default text is Sign in with Corporate Account.
Click the Save Changes button.
All set! You've completed your Azure Active Directory (B2C) integration.