• David Russell 42
The goal is to have local Azure B2C accounts signing into our Salesforce domains. 

1) When I configure Salesforce to use our B2C tenant endpoint URLs without a policy query string, it only works for my B2C administrator account. All other accounts fail to authenticate to B2C, with error:
Message: AADSTS50020: User account 'MyName@domain.com' from identity provider 'domain.com' does not exist in tenant 'My Company Name' and cannot access the application 'MyApp' in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.

2) When I configure Salesforce to use our B2C policy endpoint URLs, those users can authenticate to B2C, but when they are redirected to Salesforce, Salesforce gives an error that an access token was not received.

I have uploaded two PDFs (one showing nopolicy config, the other showing the policy config) here.  Hoping someone can help!
I have integrated Azure AD SSO successfully with Salesforce for our staff, but I am finding it more difficult to set up similar SSO settings for Azure AD B2C with Communities. The idea here is Azure AD B2C has our client accounts and we want to open up Communities to them. Has anyone had any experience with this setup?
Errors appear to be on the Azure side currently:
Message: AADSTS50020: User account 'MyName@hotmail.com' from identity provider 'live.com' does not exist in tenant 'My Company Name' and cannot access the application 'https://MyCompanyName.force.com' in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.