You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To enable sign-in for users with a Twitter account in Azure AD B2C, you need to create a Twitter application. If you don't already have a Twitter account, you can sign up at [`https://twitter.com/signup`](https://twitter.com/signup). You also need to [Apply for a developer account](https://developer.twitter.com/). For more information, see [Apply for access](https://developer.twitter.com/en/apply-for-access).
35
35
36
+
::: zone pivot="b2c-custom-policy"
37
+
1. Sign in to the [Twitter Developer Portal](https://developer.twitter.com/portal/projects-and-apps) with your Twitter account credentials.
38
+
1. Select **+ Create Project** button.
39
+
1. Under **Project name** tab, enter a preferred name of your project, and then select **Next** button.
40
+
1. Under **Use case** tab, select your preferred use case, and then select **Next**.
41
+
1. Under **Project description** tab, enter your project description, and then select **Next** button.
42
+
1. Under **App name** tab, enter a name for your app, such as *azureadb2c*, and the select **Next** button.
43
+
1. Under **Keys & Tokens** tab, copy the value of **API Key** and **API Key Secret** for later. You use both of them to configure Twitter as an identity provider in your Azure AD B2C tenant.
44
+
1. Select **App settings** to open the app settings.
45
+
1. At the lower part of the page, under **User authentication settings**, select **Set up**.
46
+
1. In the **User authentication settings** page, select **OAuth 2.0** option.
47
+
1. Under **OAUTH 2.0 SETTINGS**, for the **Type of app**, select your appropriate app type such as *Web App*.
48
+
1. Under **GENERAL AUTHENTICATION SETTINGS**:
49
+
1. For the **Callback URI/Redirect URL**, enter `https://your-tenant.b2clogin.com/your-tenant-name.onmicrosoft.com/your-policy-id/oauth1/authresp`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name/your-tenant-name.onmicrosoft.com/your-user-flow-Id/oauth1/authresp`. Use all lowercase letters when entering your tenant name and user flow ID even if they are defined with uppercase letters in Azure AD B2C. Replace:
50
+
-`your-tenant-name` with the name of your tenant name.
51
+
-`your-domain-name` with your custom domain.
52
+
-`your-policy-id` with the identifier of your user flow. For example, `b2c_1a_signup_signin_twitter`.
53
+
1. For the **Website URL**, enter `https://your-tenant.b2clogin.com`. Replace `your-tenant` with the name of your tenant. For example, `https://contosob2c.b2clogin.com`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name`.
54
+
1. Enter a URL for the **Terms of service**, for example `http://www.contoso.com/tos`. The policy URL is a page you maintain to provide terms and conditions for your application.
55
+
1. Enter a URL for the **Privacy policy**, for example `http://www.contoso.com/privacy`. The policy URL is a page you maintain to provide privacy information for your application.
56
+
1. Select **Save**.
57
+
::: zone-end
58
+
59
+
60
+
::: zone pivot="b2c-user-flow"
61
+
36
62
1. Sign in to the [Twitter Developer Portal](https://developer.twitter.com/portal/projects-and-apps) with your Twitter account credentials.
37
63
1. Select **+ Create Project** button.
38
64
1. Under **Project name** tab, enter a preferred name of your project, and then select **Next** button.
@@ -45,15 +71,16 @@ To enable sign-in for users with a Twitter account in Azure AD B2C, you need to
45
71
1. In the **User authentication settings** page, select **OAuth 2.0** option.
46
72
1. Under **OAUTH 2.0 SETTINGS**, for the **Type of app**, select your appropriate app type such as *Web App*.
47
73
1. Under **GENERAL AUTHENTICATION SETTINGS**:
48
-
1. For the **Callback URI/Redirect URL**, enter `https://your-tenant.b2clogin.com/your-tenant-name.onmicrosoft.com/your-user-flow-Id/oauth1/authresp`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name/your-tenant-name.onmicrosoft.com/your-user-flow-Id/oauth1/authresp`. Use all lowercase letters when entering your tenant name and user flow ID even if they are defined with uppercase letters in Azure AD B2C. Replace:
74
+
1. For the **Callback URI/Redirect URL**, enter `https://your-tenant.b2clogin.com/your-tenant-name.onmicrosoft.com/your-user-flow-name/oauth1/authresp`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name/your-tenant-name.onmicrosoft.com/your-user-flow-Id/oauth1/authresp`. Use all lowercase letters when entering your tenant name and user flow ID even if they are defined with uppercase letters in Azure AD B2C. Replace:
49
75
-`your-tenant-name` with the name of your tenant name.
50
76
-`your-domain-name` with your custom domain.
51
-
-`your-user-flow-Id` with the identifier of your user flow. For example, `b2c_1a_signup_signin_twitter`.
52
-
77
+
-`your-user-flow-name` with the identifier of your user flow. For example, `b2c_1_signup_signin_twitter`.
53
78
1. For the **Website URL**, enter `https://your-tenant.b2clogin.com`. Replace `your-tenant` with the name of your tenant. For example, `https://contosob2c.b2clogin.com`. If you use a [custom domain](custom-domain.md), enter `https://your-domain-name`.
54
79
1. Enter a URL for the **Terms of service**, for example `http://www.contoso.com/tos`. The policy URL is a page you maintain to provide terms and conditions for your application.
55
80
1. Enter a URL for the **Privacy policy**, for example `http://www.contoso.com/privacy`. The policy URL is a page you maintain to provide privacy information for your application.
56
81
1. Select **Save**.
82
+
83
+
::: zone-end
57
84
58
85
::: zone pivot="b2c-user-flow"
59
86
@@ -83,8 +110,6 @@ At this point, the Twitter identity provider has been set up, but it's not yet a
83
110
1. Select the **Run user flow** button.
84
111
1. From the sign-up or sign-in page, select **Twitter** to sign in with Twitter account.
85
112
86
-
If the sign-in process is successful, your browser is redirected to `https://jwt.ms`, which displays the contents of the token returned by Azure AD B2C.
87
-
88
113
::: zone-end
89
114
90
115
::: zone pivot="b2c-custom-policy"
@@ -186,7 +211,9 @@ You can define a Twitter account as a claims provider by adding it to the **Clai
186
211
1. For **Application**, select a web application that you [previously registered](tutorial-register-applications.md). The **Reply URL** should show `https://jwt.ms`.
187
212
1. Select the **Run now** button.
188
213
1. From the sign-up or sign-in page, select **Twitter** to sign in with Twitter account.
214
+
::: zone-end
189
215
190
216
If the sign-in process is successful, your browser is redirected to `https://jwt.ms`, which displays the contents of the token returned by Azure AD B2C.
191
217
192
-
::: zone-end
218
+
> [!TIP]
219
+
> If you're facing `unauthorized` error while testing this identity provider, make sure you use the correct Twitter API Key and API Key Secret, or try to apply for [elevated](https://developer.twitter.com/en/portal/products/elevated) access. Also, we recommend you've a look at [Twitter's projects structure](https://developer.twitter.com/en/docs/projects/overview), if you registered your app before the feature was available.
0 commit comments