Customer Engagement & Dynamics CRM Forum


Dynamics Portal and ADB2C configuration

  • 1.  Dynamics Portal and ADB2C configuration

    Posted 11 days ago
    Hi everyone,

    I am revisiting a previous portal implementation and trying to get it up and running. I configured ADB2C for authentication and set the appropriate Site Settings accordingly. What I am trying to achieve is not to use registration (I'd say the regular way of using ADB2C) but to give access only to selected contacts that are already in Dynamics, based on the user's decision. I did not use the invite functionality but instead created a Flow that triggers on certain events in Dynamics and creates a user on the ADB2C side. The issue that I am having when testing is that registration is required regardless (the registration form pops up during first login). If I disable the Site Settings for registration, I get the message "Registration is disabled". Is there any way around this? To get contacts in sync somehow? Am I doing it the wrong way? Do I need to set External Identity within Dynamics on the Contact record (I thought not, since authentication is now outside Dynamics)? Did anyone use the AllowContactMappingWithEmail setting in this scenario? Did anyone have issues with changes in ADB2C - Sign in policies are now User flows (for example with password reset)?

    ------------------------------
    Antonio
    Span d.o.o
    ------------------------------


  • 2.  RE: Dynamics Portal and ADB2C configuration

    SILVER CONTRIBUTOR
    Posted 8 days ago
    Hi Antonio,

    I've had success with a couple of the options you mentioned.

    The AllowContactMappingWithEmail site setting should allow users to log in without registration as long as their email address is included as part of the claim, and there is a single contact in your Dynamics instance that has that email address. In this case, the system should create the External Identity automatically.

    We've also created the External Identities manually; however, this was for a custom OpenID Connect implementation, not with Azure AD B2C.

    Hope that helps.

    ------------------------------
    Nicholas Hayduk
    Engineered Code Consulting Inc.
    Regina, SK
    ------------------------------



  • 3.  RE: Dynamics Portal and ADB2C configuration

    Posted 2 days ago
    Hi Nicholas,

    Thank you for your reply!

    You are right, the system maps the user based on email (in my case, when I set registration enabled to true and there is one contact with that email, the external login record is created in Dynamics automatically and the user is able to log in).
    But now I am also having issues with the first login for a new user - when I create the user on ADB2C via Flow, the initial password does not work. Then when I try to change the password with the ADB2C reset policy, I am able to do so, but the redirect back to the portal does not work (it says sign in failed). But when I try to log in manually again, it works. It seems like the email is not part of the claim (although I have marked it on the ADB2C signin/reset policy application claim).

    Do you know maybe what the correct setting for Authentication/OpenIdConnect/B2C/LoginClaimsMapping is for email? I've tried various combinations like emailaddress1=emailAddress but I don't think it is working.
    The MS docs say "The claim name is the CLAIM TYPE field listed next to the attribute in the sign-in policies Application claims" but I don't see that anywhere.

    Thank you!

    ------------------------------
    Antonio
    Span d.o.o
    ------------------------------
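
An added example, not part of any post in this thread and not portal code: a way to check which claim in an ID token actually carries the email address, and whether it satisfies the "exactly one contact with that email" rule described above. The `emails` claim name, the case-insensitive comparison, and all sample tokens and contacts are assumptions constructed for illustration.

```python
import base64
import json

def decode_claims(id_token):
    """Return the payload claims of a JWT without verifying it (inspection only)."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def email_claims(claims):
    """Map claim type -> list of addresses for every claim that carries an email."""
    found = {}
    for name, value in claims.items():
        values = value if isinstance(value, list) else [value]
        # Lower-casing is an assumption made here so comparisons ignore case.
        addrs = [v.lower() for v in values if isinstance(v, str) and "@" in v]
        if addrs:
            found[name] = addrs
    return found

def match_contact(claims, contacts):
    """Mirror the rule from the thread: map only if exactly one contact has the email."""
    addrs = {a for vals in email_claims(claims).values() for a in vals}
    if not addrs:
        return "no email claim in token"
    hits = [c["contactid"] for c in contacts if c["emailaddress1"].lower() in addrs]
    if len(hits) == 1:
        return hits[0]
    return "no matching contact" if not hits else "ambiguous: %d contacts" % len(hits)

def make_token(claims):
    """Build an unsigned sample token (constructed data, not a real B2C token)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), ""])

# Constructed sample data: hypothetical contacts and tokens.
CONTACTS = [
    {"contactid": "c-001", "emailaddress1": "ana@example.com"},
    {"contactid": "c-002", "emailaddress1": "dup@example.com"},
    {"contactid": "c-003", "emailaddress1": "dup@example.com"},
]
WITH_EMAIL = make_token({"sub": "u1", "emails": ["Ana@Example.com"]})
WITHOUT_EMAIL = make_token({"sub": "u2", "name": "Ana"})

if __name__ == "__main__":
    for tok in (WITH_EMAIL, WITHOUT_EMAIL):
        c = decode_claims(tok)
        print(email_claims(c), "->", match_contact(c, CONTACTS))
```

Running `decode_claims` on a token captured from your own sign-in and password-reset flows shows whether each policy emits the email claim and under which claim type; the function does not verify signatures, so use it only for inspection.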



  • 4.  RE: Dynamics Portal and ADB2C configuration

    Posted 2 days ago
    Just to add: I've managed to solve the issue. In the end I recreated the Sign In policy on ADB2C (used a different template) and everything works fine.

    Best regards,
    Antonio

    ------------------------------
    Antonio
    Span d.o.o
    ------------------------------