Testing Azure Front Door for Azure B2C URLs in preparation for a Custom Domain

Reuben 6 Reputation points
2021-07-13T23:22:47.563+00:00

Similar to https://learn.microsoft.com/en-us/answers/questions/331830/unable-to-configure-custom-domains-for-azure-activ.html, I am trying to set up a Custom Domain for an Azure AD B2C tenant using Azure Front Door. I added a comment to the question, but I should ask my own question, so here we go.

There is a step in the instructions where it suggests I ought to be able to test the Front Door by accessing a URL on the azurefd.net domain directly.

Since this is a Azure AD B2C tenancy, and I don't get a lot of choice of what URLs to use, so I am testing the Open ID Configuation URL (https://b2cuatotw.b2clogin.com/b2cuatotw.onmicrosoft.com/B2C_1A_signup_signin/v2.0/.well-known/openid-configuration) and comparing with what I think the azurefd.net counterpart should be (https://b2cuatotw.azurefd.net/b2cuatotw.onmicrosoft.com/B2C_1A_signup_signin/v2.0/.well-known/openid-configuration).

However, I'm only getting 404 responses from the azurefd.net URL and enabling diagnostics for the Azure Front Door is also only showing 404 responses for my requests.

Is this a reasonable test for ensuring the front door has been set up properly before I start changing policies and applications to use the custom domain name?

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
565 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,610 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Reuben 6 Reputation points
    2021-08-04T01:09:41.607+00:00

    This item is solved via a support request.

    The first item that needed correcting was Domain verification needs to be on the Azure B2C tenant, not the tenant that you may be hosting the Front Door with.

    As a part of the support resolution, we skipped the azurefd.net to b2clogin.com test and went straight to the custom domain. However, our company internal DNS was not propagating the CNAME entry through to the VPN that I was using to log into our work environment.