question

EJMarmonti-1605 avatar image
0 Votes"
EJMarmonti-1605 asked EJMarmonti-1605 commented

Help adding B2C tenant to subscription

I'm having some trouble with linking an Azure B2C tenant to a subscription. I need to do this so that I'll be able to run powershell against it for custom policies, etc.

In our organization, we have a primary directory which has all internal org resources (users, VMs, apps, vnets, etc) attached to it. Let's call this directory A. We also have a separate tenant for a web application that external users use which requires oauth. This portion itself if working fine and that application is live in production. Let's call this directory B. My account has complete admin access to both directories.

If I switch to directory B, then I go to Azure AD B2C -> Overview, it tells me the subscription status is Registered, and has a subscription ID which is the same exact subscription ID of the subscription in directory A, where I created this tenant.

If I follow the instructions at https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-tenant to try and Link an existing B2C tenant to my subscription, the B2C (directory B) is not found.

When I try to launch Powershell via a cloud shell when in directory B, it tells me"No valid subscriptions found" and links me to https://aka.ms/cloudshell/free. If I click that link, and go to Pay as you go -> Get started -> (authenticate again) -> I get the "Create a subscription" page. This is confusing because I already created a subscription in directory A for this, of which the subscriptionID matches in B2C. But if I continue through the "Create a subscription" wizard, on the 'subscription directory' drop-down menu, I do see all of our directories, including both directory A & B. I see that I'm supposed to select "the AAD to associate the directory with", so I could in theory select directory A, then Create. But something about this process feels incorrect so I haven't completed it.


Is anyone able to assist? Am I doing something wrong?

azure-ad-b2c
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered EJMarmonti-1605 commented

If you are seeing the subscription status as registered and are not seeing the "No subscription linked error", then it should be linked.

To confirm, you can do the following:

Switch Directories to the location of your target Azure subscription
Under Marketplace, search for and select 'B2C'
Select "Create to link this B2C Tenant" to a subscription

A subscription linked to an Azure AD B2C tenant is for Support, Billing and to use Custom Policies and can not be used to create other Azure resources. So based on your description, this would appear to be expected behavior.

I would recommend using Windows Powershell rather than Cloudshell.

See related:
Unable to launch Cloud Shell - Asking me to create new subscription when I have one already
How to create an ad-b2c tenant under existing subscription

Let me know if this helps.


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for responding.

In my target subscription, if I go into the Marketplace, then go select "Azure Active Directory B2C" -> Create -> Azure Active Directory B2C, then choose the "Link an existing Azure AD B2C Tenant to my Azure subscription", the "Azure AD B2C Tenant" drop-down tells me: "No eligible B2C Tenants found. It also grays out the Subscription box so that I cannot select a different subscription.

I noticed that if I go to the global subscription filter and select one subscription at a time (instead of what I currently have selected, which is ALL of them), then follow the steps above, it does change the selected subscription to whichever I set as the subscription. But even if I set that to the exact same Subscription of which my Azure B2C tenant is registered to, the above steps still yield the same result of "No eligible B2C Tenants found".

So unfortunately that was a dead end.


For what it's worth, based on this similar thread (https://docs.microsoft.com/en-us/answers/questions/211970/no-eligible-b2c-tenants-found.html), it looks like maybe this B2C tenant I created was automatically registered with my primary subscription when I created it. However, I'm still not able to run powershell via the cloudshell, as it continues to say "No valid subscriptions found". Almost seems like an Azure bug.

0 Votes 0 ·