Share via

Azure AD B2C: Uploading custom policies via github actions

A3434342 41 Reputation points
2020-08-26T14:33:50.723+00:00

Hello,

I am trying to upload a few custom policies(base, extension and RP) to Azure B2C using github actions that would use an azure service principal(client id and secret), tenant id and subscription id. I have used this github action:

https://github.com/marketplace/actions/deploy-azure-ad-b2c-trustframework-policy

When the action executes in my pipeline, I get this error:

Action failed: client_secret_basic client authentication method requires a client_secret

The github secrets section of the repository has CLIENT_SECRET defined like this:

20612-screen-shot-2020-08-26-at-102807-am.png

There is another variable called AZURE_CREDENTIALS that has a JSON like this: 

{  
  "clientId": "my-clientId",  
  "clientSecret": "my-clientSecret",  
  "tenantId": "my-tenantId",  
  "subscriptionId": "my-subscriptionId"  
}

Any clues on what I am missing? Appreciate your responses.

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,687 questions
0 comments
Accepted answer
  1. Saurabh Sharma 23,766 Reputation points Microsoft Employee
    2020-08-26T21:04:35.877+00:00

    @Aspirant3434342-8925 I am able to deploy Azure AD B2C Trustframework policy using existing action template - https://github.com/marketplace/actions/deploy-azure-ad-b2c-trustframework-policy without any error. Here are the steps I have followed -

    1. I have created a GitHub repository and imported the existing template by going to "Set up a workflow yourself" from Actions tab on GitHub
      20629-image.png
    2. Search Marketplace for action template you want to include (Deploy Azure AD B2C TrustFramework Policy)
      20559-image.png
    3. Copy the snippet into your .yml file by clicking copy button.
      20657-image.png
    4. Configure the environment variables in .yml file and add other details like file path, policy name.
      20658-image.png
    5. For Tenant Name and client Id refer the variables using ${<!-- -->{ env.tenant }} and ${<!-- -->{ env.clientId }}
      20548-image.png
    6. Now for Client secret you need to setup "Secrets" in your repository settings to define a secret name and assign Client Secret value of the registered application.
      20560-image.png
    7. You can refer to the stored secret in .yml file by using ${<!-- -->{ secrets.clientSecret }}
      20681-image.png
      1. Once you save the file you can check the Actions tab for build status.
        20659-image.png

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest