Has anyone tried to use Azure B2C for their external users through their own homegrown portal? We are running into issues trying to use OIDC as the protocol to secure it and have SSO work properly. OIDC's security model is to restrict 3rd-party-initiated logins, so once we have users log in to our portal and pass the tokens from our portal to another app, we get an issuer mismatch error from our apps and can't create an SSO login experience for our users.
VP of Engineering in Insurance (except health), 3 months ago
We do not use Azure B2C in our company – we use AWS and Okta – but it sounds like there's a configured trust missing. Depending on how your team set it up, the trust is missing either between different auth servers or missing policies across apps within an auth server. Sorry I don't have a better answer but I hope this helps!
Also, this may be helpful if they are using .NET: https://learn.microsoft.com/en-us/entra/msal/dotnet/acquiring-tokens/desktop-mobile/social-identities
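One way to pin down the issuer mismatch described in the question, as an added example that is not part of the original thread: decode the token the portal hands over and compare its `iss` and `aud` claims with what the receiving app is configured to trust (the `aud` check goes one step beyond the error named in the question). All issuer URLs, client IDs and function names here are constructed placeholders, not Azure B2C values.

```python
import base64
import json


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def diagnose_token(token, expected_issuer, expected_audience):
    """Compare a token's iss/aud with what the receiving app trusts.

    Diagnostic only: the signature is NOT verified here, so this must
    never be used to make an authorization decision.
    """
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a compact JWT (expected header.payload.signature)"]
    claims = b64url_json(parts[1])
    findings = []
    iss = claims.get("iss")
    if iss != expected_issuer:
        findings.append(f"issuer mismatch: token iss={iss!r}, app trusts {expected_issuer!r}")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]  # aud may be a string or a list
    if expected_audience not in audiences:
        findings.append(f"audience mismatch: token aud={aud!r}, app expects {expected_audience!r}")
    return findings


def make_sample_token(claims):
    """Build a constructed sample token with a placeholder signature."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.placeholder-signature"


# Constructed values (assumption): the portal signed the user in under one
# issuer and client, while the downstream app is configured for another.
PORTAL_TOKEN = make_sample_token({
    "iss": "https://login.example.test/portal-policy/v2.0/",
    "aud": "portal-client-id",
    "sub": "user-123",
})
APP_ISSUER = "https://login.example.test/app-policy/v2.0/"
APP_AUDIENCE = "app-client-id"

if __name__ == "__main__":
    for finding in diagnose_token(PORTAL_TOKEN, APP_ISSUER, APP_AUDIENCE):
        print(finding)
```

If both findings appear, the token was minted for the portal rather than for the app, which points at the missing trust or per-app policy the answer describes.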