question

LT20-2503 avatar image
0 Votes"
LT20-2503 asked LT20-2503 edited

Domain Verification for Microsoft Account App in Azure AD for Azure B2C

Hi, not sure if this belongs in tech community, here or stackoverflow for AAD.

Do I need to have a Microsoft partner account so that the B2C Login app I created for Microsoft accounts says verified or is that just for the blue tick?

Per Create a Microsoft account application Step 2 from Set up sign-up and sign-in with a Microsoft account using Azure Active Directory B2C You need to make an application in your Azure AD Tenant (not the B2C Tenant). I've done this and the tenant has a verified domain, but it still says 'unverified' when signing in with a Microsoft account. Publisher domain is set to the verified domain of the AAD Tenant.

I know that Features not applicable in Azure AD B2C tenants says publisher domain verification isn't available but:

  1. I take that as referring to the apps that B2C will be used to sign you into, not the app you need to create to allow Microsoft accounts to work with B2C

  2. The app to make Microsoft accounts work isn't in the B2C Tenant

  3. The domain is already verified


How do I get this app for B2C (that isn't in a B2C Tenant) domain verified?

azure-active-directoryazure-ad-b2c
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @LT20-2503 , we are investigating your issue and will update you shortly.

Best,
James

1 Vote 1 ·

1 Answer

JamesHamil-MSFT avatar image
0 Votes"
JamesHamil-MSFT answered LT20-2503 edited

Hi @LT20-2503 , sorry for the delay in response!

You should be able to get your "federation" app registration verified if registered in your corp AAD tenant, following normal AAD procedure to get it verified. You can refer to the following docs here to get the domain verification done and domain publisher added:

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-configure-publisher-domain
https://docs.microsoft.com/en-us/azure/active-directory/develop/mark-app-as-publisher-verified

Details on Publisher verification: https://docs.microsoft.com/en-us/azure/active-directory/develop/publisher-verification-overview

Please let me know if you have any questions!

If this answer helped you please mark it as "Verified" so other users can reference it.

Thank you,
James

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @JamesHamil-MSFT,

Thanks for the reply. I'm not a partner. I'm a simple charity, launching a new service thats using B2C. Works great for all other identity providers, except Microsoft accounts.

The publisher domain of my federation app that is in my corp AAD tenant, is the same as my already verified custom AAD domain. A top level root domain (eg: companyname.org). But it still comes as "unverified".
So I followed the steps in https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-configure-publisher-domain and put the json file on my website. It still says "unverified".

0 Votes 0 ·

I just want domain verification for my federation app for Microsoft Accounts, ie so it says companyname.org not "unverified". I don't want to be a "verified publisher" and I don't want a blue tick, as such I don't think I need to be a partner.

How do I get my federation app for Microsoft Account Sign in via B2C, domain verified only so it doesn't say "unverified".

Any ideas? Thanks.

LT

0 Votes 0 ·