Azure Active Directory Integration Guide (B2C)


Step 1: Email integration@trusona.com with the following information:

  1. Email domain

  2. Company name

  3. Azure Directory ID (located under Azure Active Directory > Properties > Directory ID)

  4. The “Initial domain name” you will choose for the B2C tenant in step 2

 
[Screenshot: Azure B2C 1.png]


Step 2: Create an Azure Active Directory B2C tenant

 

  1. On the left side select “Dashboard”

  2. In the search bar type “Azure Active Directory B2C”

  3. Select “Azure Active Directory B2C” from the dropdown

  4. Select “Get Started”

  5. Select “Create a new Azure AD B2C Tenant”

  6. Enter an Organization name and an Initial domain name

  7. Select the “Create” button

 
[Screenshots: Trusona Azure B2C 2.png, Trusona Azure B2C 3.png, Trusona Azure B2C 4.png, Trusona Azure B2C 5.png]

Note: It may take a few minutes for the tenant to be created.


Step 3: Add a new identity provider

Dashboard > Azure AD B2C > Identity providers

  1. Select “Identity providers”

  2. Select “Add”

[Screenshot: Trusona Azure ID 1.png]


Step 4: Configure the identity provider

  1. Select “Identity provider type”

  2. Choose “OpenID Connect (Preview)”

[Screenshot: Trusona Azure IdP 1.png]
 

Step 5: Set up this identity provider

  Field           Value
  Metadata URL    https://gateway.trusona.net/oidc/.well-known/openid-configuration
  Client ID       Will be emailed to you by Trusona
  Scope           openid profile email
  Response type   id_token
  Response mode   form_post

  Note: With response type id_token the gateway returns the signed ID token directly to B2C (there is no authorization-code exchange, which is why no client secret is entered here). B2C validates the token’s signature against the signing keys published through the metadata URL, so enter the metadata URL exactly as shown and keep it on HTTPS.

[Screenshot: Trusona Azure Set up this identity provider.png]


Step 6: Set up claims mapping

Select “Map this identity provider’s claims”

  Field         Value
  User ID       sub
  Display name  nickname
  Given name    given_name
  Surname       family_name
  Email         email

  Note: Keep User ID mapped to sub. It is the stable identifier the gateway issues for the user; an email address can change and should not be used as the identity key.

Click OK to complete the setup for your new OIDC identity provider.

[Screenshot: Trusona Azure map.png]
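A pre-flight check for the settings in steps 5 and 6, added here as an example for this guide (it is not Trusona’s or Microsoft’s code): it validates an OpenID Connect discovery document against the response type, response mode, scope and mapped claims above, and builds the authentication request B2C will send to the gateway. The discovery document embedded in the block is constructed for the example; only the metadata URL, scope, response type, response mode and claim names come from the guide, while the endpoint paths, client ID and redirect URI are placeholders.

```python
"""Pre-flight check for the Azure AD B2C <-> OIDC provider settings in steps 5 and 6.

Added example for this guide (not Trusona's or Microsoft's code). The discovery
document below is constructed; only the metadata URL, scope, response type,
response mode and claim names are taken from the guide.
"""
import json
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Settings entered in step 5 (identity provider) and step 6 (claims mapping).
METADATA_URL = "https://gateway.trusona.net/oidc/.well-known/openid-configuration"
B2C_SCOPE = "openid profile email"
B2C_RESPONSE_TYPE = "id_token"
B2C_RESPONSE_MODE = "form_post"
MAPPED_CLAIMS = ("sub", "nickname", "given_name", "family_name", "email")

# Constructed sample discovery document (NOT fetched from Trusona; the endpoint
# paths are placeholders shaped like a typical OIDC provider's).
SAMPLE_DISCOVERY_OK = json.dumps({
    "issuer": "https://gateway.trusona.net/oidc",
    "authorization_endpoint": "https://gateway.trusona.net/oidc/authorize",
    "jwks_uri": "https://gateway.trusona.net/oidc/jwks",
    "response_types_supported": ["code", "id_token"],
    "response_modes_supported": ["query", "fragment", "form_post"],
    "scopes_supported": ["openid", "profile", "email"],
    "id_token_signing_alg_values_supported": ["RS256"],
    "claims_supported": ["sub", "nickname", "given_name", "family_name", "email"],
})
# Same document with form_post and the email claim withdrawn: B2C would wait for
# a POST the provider never sends, and the Email mapping would stay empty.
SAMPLE_DISCOVERY_BAD = json.dumps({
    **json.loads(SAMPLE_DISCOVERY_OK),
    "response_modes_supported": ["query", "fragment"],
    "claims_supported": ["sub", "nickname", "given_name", "family_name"],
})


def check_discovery(doc_json, metadata_url=METADATA_URL):
    """Return the mismatches between a discovery document and the B2C settings.
    An empty list means the provider advertises everything B2C was told to use."""
    doc = json.loads(doc_json)
    problems = []
    # B2C fetches the signing keys from jwks_uri and validates every id_token
    # signature with them, so each URL it will follow must be https.
    for key in ("issuer", "authorization_endpoint", "jwks_uri"):
        if not str(doc.get(key, "")).startswith("https://"):
            problems.append(f"{key} missing or not https")
    # OIDC Discovery: the document lives at {issuer}/.well-known/openid-configuration
    # and the iss claim of every id_token must equal this issuer value.
    if doc.get("issuer", "") + "/.well-known/openid-configuration" != metadata_url:
        problems.append("issuer does not match the metadata URL")
    if B2C_RESPONSE_TYPE not in doc.get("response_types_supported", []):
        problems.append(f"response_type {B2C_RESPONSE_TYPE} not supported")
    # When response_modes_supported is omitted the spec default is query/fragment.
    if B2C_RESPONSE_MODE not in doc.get("response_modes_supported", ["query", "fragment"]):
        problems.append(f"response_mode {B2C_RESPONSE_MODE} not supported")
    if "RS256" not in doc.get("id_token_signing_alg_values_supported", []):
        problems.append("RS256 id_token signing not advertised")
    for scope in B2C_SCOPE.split():
        if scope not in doc.get("scopes_supported", []):
            problems.append(f"scope {scope} not advertised")
    for claim in MAPPED_CLAIMS:
        if claim not in doc.get("claims_supported", []):
            problems.append(f"mapped claim {claim} not advertised")
    return problems


def build_authorization_request(doc_json, client_id, redirect_uri, state=None, nonce=None):
    """Build the authentication request B2C sends for the id_token/form_post setup.
    nonce is required for id_token responses: the provider echoes it inside the
    token, so a captured token cannot be replayed into a different login. state
    lets B2C tie the POST it receives back to the pending sign-in."""
    doc = json.loads(doc_json)
    params = {
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": B2C_RESPONSE_TYPE,
        "response_mode": B2C_RESPONSE_MODE,
        "scope": B2C_SCOPE,
        "state": state or secrets.token_urlsafe(32),
        "nonce": nonce or secrets.token_urlsafe(32),
    }
    return doc["authorization_endpoint"] + "?" + urlencode(params)


def request_params(url):
    """Parse an authentication request URL back into its query parameters."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


if __name__ == "__main__":
    print("ok document:", check_discovery(SAMPLE_DISCOVERY_OK) or "no problems")
    print("bad document:", check_discovery(SAMPLE_DISCOVERY_BAD))
    # Placeholder client ID; the redirect URI follows B2C's IdP reply endpoint pattern.
    print(build_authorization_request(
        SAMPLE_DISCOVERY_OK, "client-id-from-trusona",
        "https://example-tenant.b2clogin.com/example-tenant.onmicrosoft.com/oauth2/authresp"))
```

To check the live document instead of the constructed one, pass the body fetched from METADATA_URL over HTTPS (for example `urllib.request.urlopen(METADATA_URL).read()`) to check_discovery. The redirect URI in the `__main__` block follows the pattern B2C uses for its identity-provider reply endpoint (https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/oauth2/authresp); confirm the exact value for your tenant when you send Trusona the details in step 1.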

Step 7: Create user flow policy

You should now see your new OpenID Connect Identity Provider listed within your B2C Identity Providers. 

  1. Select “User flows (policies)”

  2. Select “Add”

  3. Select “New user flow”

  4. Select “Sign up and sign in”

 

[Screenshots: Trusona Azure User Flow.png, Trusona Azure New user flow.png, Sign up and Sign in.png]


Step 8: Configure the policy

  1. Name your policy

  2. Select your newly created Trusona identity provider

  3. Select “Create”

    Note: Trusona is inherently multifactor, so leave B2C’s own multifactor authentication disabled; enabling it would only add a redundant second prompt.

  4. Select “Show more”

  5. Select at least one of the attributes you mapped in step 6 (for example Email or Display name) so that it is returned as a claim

  6. Select “OK”

[Screenshots: Trusona Azure Configure policy.png, Trusona Azure select attribute.png]
 

Step 9: Test the policy

  1. Select your newly created policy

  2. Select “Run user flow”

  3. Enter the Reply URL

  4. Click “Run user flow”

[Screenshots: Trusona Azure Test policy.png, Trusona Azure run user flow.png, Trusona Azure Run user flow 2.png]


When you click the Run user flow button, you are redirected to the Trusona OIDC Gateway. There you can scan the displayed Secure QR code with the Trusona App or with a custom app built on the Trusona mobile SDK.

[Screenshot: gateway.png]

 

After scanning the Secure QR code, you should be redirected to the Reply URL you defined in the previous step. 

Daniel Fischpan