articles/active-directory-b2c/identity-provider-azure-ad-multi-tenant-custom.md
Lines changed: 14 additions & 14 deletions
@@ -9,7 +9,7 @@ manager: celestedg
9
9
ms.service: active-directory
10
10
ms.workload: identity
11
11
ms.topic: conceptual
12
-
ms.date: 02/06/2020
12
+
ms.date: 02/10/2020
13
13
ms.author: marsma
14
14
ms.subservice: B2C
15
15
---
@@ -46,6 +46,19 @@ To enable sign-in for users from a specific Azure AD organization, you need to r
46
46
1. Select **Certificates & secrets**, and then select **New client secret**.
47
47
1. Enter a **Description** for the secret, select an expiration, and then select **Add**. Record the **Value** of the secret for use in a later step.
48
48
49
+
## Configuring optional claims
50
+
51
+
If you want to get the `family_name` and `given_name` claims from Azure AD, you can configure optional claims for your application in the Azure portal UI or application manifest. For more information, see [How to provide optional claims to your Azure AD app](../active-directory/develop/active-directory-optional-claims.md).
52
+
53
+
1. Sign in to the [Azure portal](https://portal.azure.com). Search for and select **Azure Active Directory**.
54
+
1. From the **Manage** section, select **App registrations**.
55
+
1. Select the application you want to configure optional claims for in the list.
56
+
1. From the **Manage** section, select **Token configuration (preview)**.
57
+
1. Select **Add optional claim**.
58
+
1. Select the token type you want to configure.
59
+
1. Select the optional claims to add.
60
+
1. Click **Add**.
61
+
49
62
## Create a policy key
50
63
51
64
You need to store the application key that you created in your Azure AD B2C tenant.
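Review bot: The relocated heading `## Configuring optional claims` and the final step `1. Click **Add**.` do not match the conventions of the lines around them: the neighbouring headings are imperative (`## Create a policy key`, `## Add a claims provider`) and every other step in this hunk uses "Select". Since the section is being touched anyway, suggest `## Configure optional claims` and `1. Select **Add**.`. The step `1. Select the token type you want to configure.` also leaves the reader to guess which token type has to carry `family_name` and `given_name`; naming it in the step would avoid a configuration that completes without error but never delivers the claims. Finally, in its new position the section directly follows the **Certificates & secrets** steps, so the opening "Sign in to the Azure portal" and **App registrations** navigation repeat where the reader already is; consider trimming them or stating that the same application registration is being configured.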
@@ -60,19 +73,6 @@ You need to store the application key that you created in your Azure AD B2C tena
60
73
1. For **Key usage**, select `Signature`.
61
74
1. Select **Create**.
62
75
63
-
## Configuring optional claims
64
-
65
-
If you want to get the `family_name` and `given_name` claims from Azure AD, you can configure optional claims for your application in the Azure portal UI or application manifest. For more information, see [How to provide optional claims to your Azure AD app](../active-directory/develop/active-directory-optional-claims.md).
66
-
67
-
1. Sign in to the [Azure portal](https://portal.azure.com). Search for and select **Azure Active Directory**.
68
-
1. From the **Manage** section, select **App registrations**.
69
-
1. Select the application you want to configure optional claims for in the list.
70
-
1. From the **Manage** section, select **Token configuration (preview)**.
71
-
1. Select **Add optional claim**.
72
-
1. Select the token type you want to configure.
73
-
1. Select the optional claims to add.
74
-
1. Click **Add**.
75
-
76
76
## Add a claims provider
77
77
78
78
If you want users to sign in by using Azure AD, you need to define Azure AD as a claims provider that Azure AD B2C can communicate with through an endpoint. The endpoint provides a set of claims that are used by Azure AD B2C to verify that a specific user has authenticated.