Set redirect URLs to for Azure Active Directory B2C

When you set up an identity provider for sign-up and sign-in in your Azure Active Directory (Azure AD) B2C application, you need to specify a redirect URL. In the past, was used, now you should be using

Using gives you additional benefits, such as:

  • Cookies are no longer shared with the other Microsoft services.
  • Your URLs no longer include a reference to Microsoft. For example,

To use, set the redirect URLs in your identity provider applications to use You also set your Azure AD B2C application to use for policy references and token endpoints. If you are using MSAL, you need to set the ValidateAuthority property to false.

Change redirect URLs

To use, in the settings for your identity provider application, look for and change the list of trusted URLs to redirect back to Azure AD B2C. Currently, you probably have it set up to redirect back to some site.

You'll need to change the redirect URL so that is authorized. Make sure to replace your-tenant-name with the name of your Azure AD B2C tenant and remove /te if it exists in the URL. There are slight variations to this URL for each identity provider so check the corresponding page to get the exact URL.

You can find set-up information for identity providers in the following articles:

Update your application

Your Azure AD B2C application probably refers to in several places, such as your policy references and token endpoints. Make sure that your authorization endpoint, token endpoint, and issuer have been updated to use

Set the ValidateAuthority property

If you're using MSAL, set the ValidateAuthority to false. The following example shows how you might set the property:

this.clientApplication = new UserAgentApplication(
    validateAuthority: false

For more information, see ClientApplicationBase Class .