Setting up event management to work with AAD B2C
Overview
The event portal can integrate with Azure Active Directory B2C. To integrate it, complete the following steps.
- If you don't have one already, create an Azure AD B2C tenant.
- Add a web application to your Azure AD B2C tenant.
- Register the application with your Dynamics 365 Marketing instance.
- Configure the event management application to work with your Azure AD B2C tenant.
Creating Azure AD B2C tenant and adding a web application to the tenant
The quick start tutorial explains how to create a new Azure AD B2C tenant here: Create an Azure AD B2C tenant
After you have successfully created the Azure AD B2C tenant, follow the tutorial to add a web application to the newly created tenant: Register a web application with AAD B2C
Grant API access to the registered web application
- Select the web application that you have registered before.
- Specify events as App ID URI. You can apply this setting in the Properties tab.
- Navigate to API access.
- Select Add.
- Select your API and select all scopes.
- Select Ok.
Create a user flow policy
You need to create a user flow policy if you don't already have one.
To do so, follow the steps below:
- Navigate to your Azure portal and open your Azure AD B2C.
- Select User flows (policies) in the Policies section.
- Select new user flow.
- Select Sign up and Sign in user flow type.
- Specify a name.
- Select an identity provider.
- Select at least the following user attributes and claims:
  - Email Address (required, collect attribute)
  - Given Name (collect attribute and return claim)
  - Surname (collect attribute and return claim)
- Select Create.
Note
To use a name-based contact matching strategy, you must configure the sign-up policy to include the Given Name and Surname attributes and also select them in the Application claim section. More information: How to configure and set it up in the Azure AD B2C
Naming
To reduce clutter while navigating the Azure portal, we use the following naming for the portal screens:
- B2C Tenant: Tenant
- B2C Tenant > Azure AD B2C Settings: Settings
- B2C Tenant > Azure AD B2C Settings > Application > Select your application: Application
- Application > Application ID textbox: Application ID
- Tenant > Properties > Name textbox: Tenant name (for example, contoso.onmicrosoft.com)
- First part of the tenant name: Tenant ID (for example, contoso)
- Settings > User Flows (policies): Policy (for example, B2C_1_default-sign-up)
- Application > Published scopes > Full scope value textbox: Scope (for example, https://contosoeventmanagementtest.onmicrosoft.com/events/registration)
Registering the application with Dynamics 365 Marketing instance
Follow these steps to register the application with Dynamics 365 Marketing.
Open your Dynamics 365 Marketing instance.
Navigate to Dynamics 365 > Marketing > Settings > Web applications and select your Web application record. If you haven't created a Web application record yet, follow the steps to register your web application.
Insert your Application ID in the AAD Client ID field.
Insert your metadata endpoint in the AAD Metadata Endpoint field. According to the naming defined above, the AAD metadata endpoint follows this pattern:
https://{tenant id}.b2clogin.com/{tenant id}.onmicrosoft.com/v2.0/.well-known/openid-configuration?p={policy}
For example, the AAD metadata endpoint looks like this:
https://contosoeventmanagementtest.b2clogin.com/contosoeventmanagementtest.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_default-sign-up
Save the changes.
Note
It can take up to 10 minutes until the changes become active.
Configuring event management application
Open the environment.ts configuration file located in the \src\environments folder and enter all required values in the aadB2cConfig variable.
Use the following mapping while entering the values:
- authorityHost: {tenant ID}.b2clogin.com (for example, contosoeventmanagementtest.b2clogin.com)
- tenant: Tenant name (for example, contosoeventmanagementtest.onmicrosoft.com)
- clientID: Application ID
- signUpSignInPolicy: Policy (for example, B2C_1_default-sign-up)
- b2cScopes: ['Scope'] (for example, https://contosoeventmanagementtest.onmicrosoft.com/events/registration)
- redirectUri: Application > Reply URL > Pick your application uri (for example, for localhost https://localhost:4200)
An example of the full aadB2cConfig object would be:
aadB2CConfig: {
  authorityHost: 'contoso.b2clogin.com',
  tenant: 'contoso.onmicrosoft.com',
  clientID: '7e67b9fe-d976-4db0-be90-05d797332658',
  signUpSignInPolicy: 'B2C_1_default-sign-up',
  b2cScopes: ['https://contoso.onmicrosoft.com/events/registration'],
  redirectUri: 'https://localhost:4200'
}
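
The values in this object have to agree with each other and with the metadata endpoint registered in Dynamics 365 Marketing, or sign-in fails or tokens are requested for the wrong tenant. The following TypeScript is an added example, not part of the original page or the event management code base: it derives the metadata endpoint from the pattern above and checks the mapping for consistency. The helper names metadataEndpoint and checkConfig are hypothetical, and the sample values are constructed.

```typescript
// Added example. Field names follow the aadB2CConfig object on this page;
// metadataEndpoint() and checkConfig() are hypothetical helper names.
interface AadB2CConfig {
  authorityHost: string;
  tenant: string;
  clientID: string;
  signUpSignInPolicy: string;
  b2cScopes: string[];
  redirectUri: string;
}

// https://{tenant id}.b2clogin.com/{tenant id}.onmicrosoft.com/v2.0/.well-known/openid-configuration?p={policy}
function metadataEndpoint(c: AadB2CConfig): string {
  const policy = encodeURIComponent(c.signUpSignInPolicy);
  return `https://${c.authorityHost}/${c.tenant}/v2.0/.well-known/openid-configuration?p=${policy}`;
}

// Returns one message per inconsistency; an empty array means the values agree.
function checkConfig(c: AadB2CConfig): string[] {
  const problems: string[] = [];
  const tenant = c.tenant.toLowerCase();
  const tenantId = tenant.replace(/\.onmicrosoft\.com$/, '');
  if (tenantId === tenant) problems.push('tenant must end with .onmicrosoft.com');
  if (c.authorityHost.toLowerCase() !== `${tenantId}.b2clogin.com`)
    problems.push('authorityHost must be {tenant ID}.b2clogin.com');
  if (!/^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/i.test(c.clientID))
    problems.push('clientID must be the Application ID (a GUID)');
  // App ID URI is "events", so every scope lives under https://{tenant}/events/
  const scopePrefix = `https://${tenant}/events/`;
  if (c.b2cScopes.length === 0) problems.push('b2cScopes must not be empty');
  for (const s of c.b2cScopes)
    if (s.toLowerCase().indexOf(scopePrefix) !== 0)
      problems.push(`scope ${s} is not under ${scopePrefix}`);
  // The sign-in response is returned to redirectUri: require TLS and no fragment.
  if (!/^https:\/\/[^\s\/?#]+[^\s#]*$/.test(c.redirectUri))
    problems.push('redirectUri must be an https URL without a fragment');
  return problems;
}

// Constructed sample values (placeholder GUID, example tenant "contoso").
const sampleConfig: AadB2CConfig = {
  authorityHost: 'contoso.b2clogin.com',
  tenant: 'contoso.onmicrosoft.com',
  clientID: '00000000-0000-0000-0000-000000000000',
  signUpSignInPolicy: 'B2C_1_default-sign-up',
  b2cScopes: ['https://contoso.onmicrosoft.com/events/registration'],
  redirectUri: 'https://localhost:4200'
};
console.log(metadataEndpoint(sampleConfig), checkConfig(sampleConfig));
```

The string returned by metadataEndpoint is the value to compare against the AAD Metadata Endpoint field of the Web application record; the check cannot confirm that redirectUri is registered as a Reply URL, which still has to be verified in the portal.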