Set up a sign-up and sign-in flow in Azure Active Directory B2C

Before you begin, use the selector above to choose the type of policy you’re configuring. Azure AD B2C offers two methods of defining how users interact with your applications: through predefined user flows, or through fully configurable custom policies. The steps required in this article are different for each method.

Sign-up and sign-in flow

Sign-up and sign-in policy lets users:

  • Sign-up with local account
  • Sign-in with local account
  • Sign-up or sign-in with a social account
  • Password reset

Profile editing flow

Prerequisites

If you haven't already done so, register a web application in Azure Active Directory B2C.

Create a sign-up and sign-in user flow

The sign-up and sign-in user flow handles both sign-up and sign-in experiences with a single configuration. Users of your application are led down the right path depending on the context.

  1. Sign in to the Azure portal.

  2. Select the Directory + Subscription icon in the portal toolbar, and then select the directory that contains your Azure AD B2C tenant.

  3. In the Azure portal, search for and select Azure AD B2C.

  4. Under Policies, select User flows, and then select New user flow.

    User flows page in portal with New user flow button highlighted

  5. On the Create a user flow page, select the Sign up and sign in user flow.

    Select a user flow page with Sign up and sign in flow highlighted

  6. Under Select a version, select Recommended, and then select Create. (Learn more about user flow versions.)

    Create user flow page in Azure portal with properties highlighted

  7. Enter a Name for the user flow. For example, signupsignin1.

  8. For Identity providers, select Email sign-up.

  9. For User attributes and claims, choose the claims and attributes that you want to collect and send from the user during sign-up. For example, select Show more, and then choose attributes and claims for Country/Region, Display Name, and Postal Code. Click OK.

    Attributes and claims selection page with three claims selected

  10. Click Create to add the user flow. A prefix of B2C_1 is automatically prepended to the name.

  11. Follow the steps to handle the flow for "Forgot your password?" within the sign-up or sign-in policy.

Test the user flow

  1. Select the user flow you created to open its overview page, then select Run user flow.

  2. For Application, select the web application named webapp1 that you previously registered. The Reply URL should show https://jwt.ms.

  3. Click Run user flow, and then select Sign up now.

    Run user flow page in portal with Run user flow button highlighted

  4. Enter a valid email address, click Send verification code, enter the verification code that you receive, then select Verify code.

  5. Enter a new password and confirm the password.

  6. Select your country and region, enter the name that you want displayed, enter a postal code, and then click Create. The token is returned to https://jwt.ms and should be displayed to you.

  7. You can now run the user flow again and you should be able to sign in with the account that you created. The returned token includes the claims that you selected of country/region, name, and postal code.

Note

The "Run user flow" experience is not currently compatible with the SPA reply URL type using authorization code flow. To use the "Run user flow" experience with these kinds of apps, register a reply URL of type "Web" and enable the implicit flow as described here.

Create a sign-up and sign-in policy

Custom policies are a set of XML files you upload to your Azure AD B2C tenant to define user journeys. We provide starter packs with several pre-built policies including: sign-up and sign-in, password reset, and profile editing policy. For more information, see Get started with custom policies in Azure AD B2C.

Next steps