To enable sign-in for users with a Twitter account in Azure AD B2C, you need to create a Twitter application. If you don't already have a Twitter account, you can sign up at [`https://twitter.com/signup`](https://twitter.com/signup). You also need to [Apply for a developer account](https://developer.twitter.com/). For more information, see [Apply for access](https://developer.twitter.com/en/apply-for-access).
35
35
36
36
1. Sign in to the [Twitter Developer Portal](https://developer.twitter.com/portal/projects-and-apps) with your Twitter account credentials.
37
-
1. Under **Standalone Apps**, select **+Create App**.
38
-
1. Enter an **App name**, and then select **Complete**.
39
-
1. Copy the value of the **App key**, and **API key secret**. You use both of them to configure Twitter as an identity provider in your tenant.
40
-
1. Under **Setup your App**, select **App settings**.
41
-
1. Under **Authentication settings**, select **Edit**
42
-
1. Select **Enable 3-legged OAuth** checkbox.
43
-
1. Select **Request email address from users** checkbox.
44
-
1. For the **Callback URLs**, enter `https://your-tenant.b2clogin.com/your-tenant-name.onmicrosoft.com/your-user-flow-Id/oauth1/authresp`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name/your-tenant-name.onmicrosoft.com/your-user-flow-Id/oauth1/authresp`. Use all lowercase letters when entering your tenant name and user flow ID even if they are defined with uppercase letters in Azure AD B2C. Replace:
37
+
1. Select **+ Create Project** button.
38
+
1. Under **Project name** tab, enter a preferred name of your project, and then select **Next** button.
39
+
1. Under **Use case** tab, select your preferred use case, and then select **Next**.
40
+
1. Under **Project description** tab, enter your project description, and then select **Next** button.
41
+
1. Under **App name** tab, enter a name for your app, such as *azureadb2c*, and the select **Next** button.
42
+
1. Under **Keys & Tokens** tab, copy the value of **API Key** and **API Key Secret** for later. You use both of them to configure Twitter as an identity provider in your Azure AD B2C tenant.
43
+
1. Select **App settings** to open the app settings.
44
+
1. At the lower part of the page, under **User authentication settings**, select **Set up**.
45
+
1. In the **User authentication settings** page, select **OAuth 2.0** option.
46
+
1. Under **OAUTH 2.0 SETTINGS**, for the **Type of app**, select your appropriate app type such as *Web App*.
47
+
1. Under **GENERAL AUTHENTICATION SETTINGS**:
48
+
1. For the **Callback URI/Redirect URL**, enter `https://your-tenant.b2clogin.com/your-tenant-name.onmicrosoft.com/your-user-flow-Id/oauth1/authresp`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name/your-tenant-name.onmicrosoft.com/your-user-flow-Id/oauth1/authresp`. Use all lowercase letters when entering your tenant name and user flow ID even if they are defined with uppercase letters in Azure AD B2C. Replace:
45
49
-`your-tenant-name` with the name of your tenant name.
46
50
-`your-domain-name` with your custom domain.
47
51
-`your-user-flow-Id` with the identifier of your user flow. For example, `b2c_1a_signup_signin_twitter`.
48
52
49
53
1. For the **Website URL**, enter `https://your-tenant.b2clogin.com`. Replace `your-tenant` with the name of your tenant. For example, `https://contosob2c.b2clogin.com`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name`.
50
54
1. Enter a URL for the **Terms of service**, for example `http://www.contoso.com/tos`. The policy URL is a page you maintain to provide terms and conditions for your application.
51
55
1. Enter a URL for the **Privacy policy**, for example `http://www.contoso.com/privacy`. The policy URL is a page you maintain to provide privacy information for your application.
52
-
1. Select **Save**.
56
+
1. Select **Save**.
53
57
54
58
::: zone pivot="b2c-user-flow"
55
59
56
60
## Configure Twitter as an identity provider
57
61
58
62
1. Sign in to the [Azure portal](https://portal.azure.com/) as the global administrator of your Azure AD B2C tenant.
59
-
1. Make sure you're using the directory that contains your Azure AD B2C tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
60
-
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
63
+
1. Make sure you're using the directory that contains your Azure AD B2C tenant.
64
+
1. Select the **Directories + subscriptions** icon in the portal toolbar.
65
+
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
61
66
1. Choose **All services** in the top-left corner of the Azure portal, search for and select **Azure AD B2C**.
62
67
1. Select **Identity providers**, then select **Twitter**.
63
68
1. Enter a **Name**. For example, *Twitter*.
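Review bot: The added step "select **OAuth 2.0** option" does not match the callback the same hunk tells the reader to register, which still ends in `/oauth1/authresp`, and the removed **Enable 3-legged OAuth** and **Request email address from users** steps have no counterpart in the new flow. Either align the selected option with the callback path or explain why an OAuth 2.0 app setting pairs with an `oauth1` response endpoint, and say whether the email address is still requested. Minor points: "and the select **Next** button" should read "and then select", the three entries after "Under **GENERAL AUTHENTICATION SETTINGS**:" should be nested under it rather than numbered as siblings, and the Terms of service and Privacy policy examples would be better shown with `https://` than `http://`.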
@@ -86,25 +91,26 @@ If the sign-in process is successful, your browser is redirected to `https://jwt
86
91
87
92
## Create a policy key
88
93
89
-
You need to store the secret key that you previously recorded in your Azure AD B2C tenant.
94
+
You need to store the secret key that you previously recorded for Twitter app in your Azure AD B2C tenant.
90
95
91
96
1. Sign in to the [Azure portal](https://portal.azure.com/).
92
-
1. Make sure you're using the directory that contains your Azure AD B2C tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
93
-
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
94
-
1. Choose **All services** in the top-left corner of the Azure portal, and then search for and select **Azure AD B2C**.
95
-
1. On the Overview page, select **Identity Experience Framework**.
97
+
1. Make sure you're using the directory that contains your Azure AD B2C tenant.
98
+
1. Select the **Directories + subscriptions** icon in the portal toolbar.
99
+
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
100
+
1. In the Azure portal, search for and select **Azure AD B2C**.
101
+
1. On the left menu, under **Policies**, select **Identity Experience Framework**.
96
102
1. Select **Policy Keys** and then select **Add**.
97
103
1. For **Options**, choose `Manual`.
98
104
1. Enter a **Name** for the policy key. For example, `TwitterSecret`. The prefix `B2C_1A_` is added automatically to the name of your key.
99
-
1.In**Secret**, enter your client secret that you previously recorded.
105
+
1.For**Secret**, enter your *API key secret* value that you previously recorded.
100
106
1. For **Key usage**, select `Encryption`.
101
107
1. Click **Create**.
102
108
103
109
## Configure Twitter as an identity provider
104
110
105
111
To enable users to sign in using a Twitter account, you need to define the account as a claims provider that Azure AD B2C can communicate with through an endpoint. The endpoint provides a set of claims that are used by Azure AD B2C to verify that a specific user has authenticated.
106
112
107
-
You can define a Twitter account as a claims provider by adding it to the **ClaimsProviders** element in the extension file of your policy.
113
+
You can define a Twitter account as a claims provider by adding it to the **ClaimsProviders** element in the extension file of your policy. Refer to the custom policy starter pack that you downloaded in the Prerequisites of this article.
108
114
109
115
1. Open the *TrustFrameworkExtensions.xml*.
110
116
2. Find the **ClaimsProviders** element. If it does not exist, add it under the root element.
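Review bot: The added line `1.For**Secret**, enter your *API key secret* value that you previously recorded.` keeps the missing spaces of the line it replaces (`1.In**Secret**`), so it will not render as a list item in the numbered procedure; write it as `1. For **Secret**, enter ...`. In the reworded intro, "recorded for Twitter app" needs an article ("for the Twitter app"), and because the setup section has the reader record both an API key and an API key secret, naming the *API key secret* in that sentence as well would remove any doubt about which value goes into the policy key.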
@@ -149,7 +155,7 @@ You can define a Twitter account as a claims provider by adding it to the **Clai
149
155
</ClaimsProvider>
150
156
```
151
157
152
-
4. Replace the value of **client_id** with the *API key secret* that you previously recorded.
158
+
4. Replace the value of **client_id** with the *API key* that you previously recorded.
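Review bot: Step 4 should also state that the *API key secret* never goes into the policy file, because the wording being replaced told readers to put it in **client_id**, and anyone who followed that has the secret sitting in *TrustFrameworkExtensions.xml* instead of only in the policy key. A short note telling those readers to regenerate the secret in the Twitter app and update the `TwitterSecret` policy key would close that gap. For consistency, match the capitalization used in the **Keys & Tokens** step (**API Key**, **API Key Secret**).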
articles/active-directory-domain-services/policy-reference.md
@@ -1,7 +1,7 @@
1
1
---
2
2
title: Built-in policy definitions for Azure Active Directory Domain Services
3
3
description: Lists Azure Policy built-in policy definitions for Azure Active Directory Domain Services. These built-in policy definitions provide common approaches to managing your Azure resources.