Set up sign-up and sign-in with a Google account using Azure Active Directory B2C
Create a Google application
To use a Google account as an identity provider in Azure Active Directory B2C (Azure AD B2C), you need to create an application in your tenant that represents it. If you don't already have a Google account you can sign up at https://accounts.google.com/SignUp.
- Sign in to the Google Developers Console with your Google account credentials.
- In the upper-left corner of the page, select the project list, and then select New Project.
- Enter a Project Name, click Create, and then make sure you are using the new project.
- Select Credentials in the left menu, and then select Create credentials > Oauth client ID.
- Under Application type, select Web application.
- Enter a Name for your application, enter
https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com/oauth2/authrespin Authorized redirect URIs. Replace
your-tenant-namewith the name of your tenant. You need to use all lowercase letters when entering your tenant name even if the tenant is defined with uppercase letters in Azure AD B2C.
- Click Create.
- Copy the values of Client ID and Client secret. You will need both of them to configure Google as an identity provider in your tenant. Client secret is an important security credential.
Configure a Google account as an identity provider
- Sign in to the Azure portal as the global administrator of your Azure AD B2C tenant.
- Make sure you're using the directory that contains your Azure AD B2C tenant by selecting the Directory + subscription filter in the top menu and choosing the directory that contains your tenant.
- Choose All services in the top-left corner of the Azure portal, search for and select Azure AD B2C.
- Select Identity providers, then select Google.
- Enter a Name. For example, Google.
- For the Client ID, enter the Client ID of the Google application that you created earlier.
- For the Client secret, enter the Client Secret that you recorded.
- Select Save.