Azure B2C with AFD and custom domain(s)

Enable Azure AD B2C custom domains - Azure AD B2C
The article states that all the subdomains also have to be registered to the tenant.
Here is a YouTube video from Microsoft Security about the custom domain setup with Front Door.

Azure AD B2C - Configuring custom domains using Azure Front Door
Can I use Front Door wildcard domain?

Azure Front Door - Support for wildcard domains
You could, but I didn't have a public certificate to try it out. It seems like a working solution if you have a wildcard public certificate in hand.

Why add the subdomains?
If you don't have your own public certificate, you have to add the subdomains.
If you have been using Azure or M365 services, you verify the main custom domain, and that is all most services need.
For the routing to work inside Azure Front Door, you also have to add the subdomain.
After the addition, your custom domains should look similar to this.

In my example I have cloudpartnerb2c.cloudpartnerdemo.fi as the custom login domain.
What happens if you don't?
You will get an Error 404.

What about custom policies?
Nothing has to be changed inside your custom policies, not even in a multi-tenant setup.
So, what needs to be changed?
The only place that will be asking for the b2clogin.com address is the application that is requesting the authentication.
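
To find what is left to change on the application side, here is an added example (not code from the article or from Microsoft) that rewrites an MSAL.js-style B2C configuration to the custom login domain and reports any setting that still points at b2clogin.com. The tenant name, policy name, client ID and redirect URI are hypothetical; only the custom domain comes from this post.

```javascript
// Added example. Tenant name, policy, client ID and redirect URI are hypothetical;
// only the custom domain comes from the post.
const CUSTOM_DOMAIN = "cloudpartnerb2c.cloudpartnerdemo.fi";

// Constructed "before" settings, in the shape of an MSAL.js B2C configuration.
const before = {
  auth: {
    clientId: "00000000-0000-0000-0000-000000000000",
    authority: "https://contosob2c.b2clogin.com/contosob2c.onmicrosoft.com/B2C_1_signupsignin",
    knownAuthorities: ["contosob2c.b2clogin.com"],
    redirectUri: "https://app.example.com/auth/callback",
  },
};

const isB2cLoginHost = (host) => host.toLowerCase().endsWith(".b2clogin.com");

// Return a copy of the config whose authority and knownAuthorities use the custom domain.
function toCustomDomain(config, customDomain) {
  const copy = JSON.parse(JSON.stringify(config));
  const authority = new URL(copy.auth.authority);
  if (!isB2cLoginHost(authority.hostname)) {
    throw new Error(`authority is not on b2clogin.com: ${authority.hostname}`);
  }
  authority.hostname = customDomain; // tenant and policy path segments stay as they are
  copy.auth.authority = authority.toString();
  const hosts = (copy.auth.knownAuthorities || []).map((h) => (isB2cLoginHost(h) ? customDomain : h));
  copy.auth.knownAuthorities = [...new Set([...hosts, customDomain])];
  return copy;
}

// Walk every string in the config and report where b2clogin.com is still referenced.
function findB2cLoginReferences(value, path = "config") {
  if (typeof value === "string") {
    return /b2clogin\.com/i.test(value) ? [path] : [];
  }
  if (value && typeof value === "object") {
    return Object.entries(value).flatMap(([k, v]) => findB2cLoginReferences(v, `${path}.${k}`));
  }
  return [];
}

const after = toCustomDomain(before, CUSTOM_DOMAIN);
console.log(after.auth.authority);
console.log(findB2cLoginReferences(before)); // paths that still point at b2clogin.com
console.log(findB2cLoginReferences(after));
```

Running `findB2cLoginReferences` over the deployed application settings is a quick check that no sign-in flow still goes to the old login host after the switch.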


Enable Azure AD B2C custom domains - Azure AD B2C
Have an excellent new year and stay safe!
