Personalized Community is here!
Quickly customize your community to find the content you seek.
Have questions on moving to the cloud? Visit the Dynamics 365 Migration Community today! Microsoft’s extensive network of Dynamics AX and Dynamics CRM experts can help.
2022 Release Wave 1 PlanDynamics 365 release plan for the 2022 release wave 1 describes all new features releasing from April 2022 through September 2022.
2022 release wave 1 plan
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Community | FastTrack Program | Finance and Operations TechTalks | Customer Engagement TechTalks | Upcoming TechTalks | All TechTalks
Anyone has one or more “invite only” portals, using Azure B2C and having it configured user friendly? I’m still not successful, feeling like I’m running around in circles…
Mostly because both the register and login functions in the portal use the same user flow in Azure. That works fine for a register-to-all portal, but not to our invite-only portals I guess.
Requirements I have:
The user experience now is:
What also goes wrong in the user experience:
I don't have a great answer for you, just some comments.
The challenge is that by using the local login feature of Azure AD B2C, you are effectively requiring that users register twice. They need to redeem the invitation code on the Portal, and then they need to register a local account in Azure AD B2C.
The Portal doesn't know (or care) what type of authentication is being used by Azure AD B2C. When the Portal sends a user from the Redeem Invite page to Azure AD, it's not in the context of a registration/sign up - it's in the context of a sign in. If they used a social identity like Facebook, they wouldn't need to register with Azure AD B2C, just login.
Can you gone through the process of customizing the Azure AD B2C sign in and sign up pages (docs.microsoft.com/.../azure-ad-b2c That might also help with any confusion as you can add your own messaging.
Interested to hear if anyone else has a good solve for this.
Thanks for your comment. I have customized the sign in/sign up page. But because I can only use one user flow with Azure, I have to include the "Register now" link in this page as well. And when other (not invited) people enter the page, they also see this "Register now" button, what makes it confusing.
The project board for my project unfortunately decided to use the local login for both websites. And that one is deprecated, I know. But they don't see the Azure B2C login as a good alternative yet....
Or having an option to point the register button to another UserFlow as the Logon button.
Login button -> User SignIn Flow
Register button -> User SignUp Flow
Another Idea: point the user in e-mail to a UserRegister flow and having them redirect to the Register page and autofill the Invite code. But at some point the portal needs to know who you are offcourse.
I have setup AzureB2C completely as well and we are migrating from OnPrem with local authentication to Online and thought hey use the new best options but this is not userfriendly indeed or are we missing something?
Were you ever able to figure this out? I'm stuck in a very similar situation. Specifically, I want only invited contacts to be able to register through Azure AD B2C.
Unfortunately, I didn't find a useful solution. So now we are using the local authentication. And hoping Microsoft will improve the B2C functionality in the future.
We actually came up to a solution but offcourse an unsupported one but works nicely.
- In azure B2C have a seperate signin flow and register flow
- In Dynamics CRM create 2 OpenIdconnect providers, one connected to the register and one to the signup. Create at least:
Authentication/OpenIdConnect/AAD-B2C_2/Caption = Register
- Set Authentication/Registration/OpenRegistrationEnabled to false
Extend Authentication/OpenIdConnect/AAD-B2C_1/ValidIssuers with the new register flow issuer
Now you basically should have 2 buttons to login/register. one puts you to the register flow, other to the Signin flow which you want to use.
In the end set Authentication/Registration/LoginButtonAuthenticationType to the signin flow issuer url so when pressing Signin this goes to signinflow.
When you use the portal page /Account/Login/Register?invitationCode=xxxxxxxxxxx you will see those buttons but the invite is not checked against CRM.
Finally: in CRM an external identitywill be registerd at the contact for the registerflow, for signin this needs to be the signin url, have a realtime workflow on External Identity which copy's the record into the signin record. The contact is not attached at creation but put in directly after creation, so set workflow to on created and field change "contact", check Like:
If External Identity:Identity Provider contains [b2c_1_register] AND External Identity:Contact contains data, then: Create record with same values for contact and username but the idenity provider the Signin issuer.
If you invite someone point the link to portal/Account/Login/Register?invitationCode=xxxxxxxx and they will end up in Register flow.
It took some time but it works.
Credits for the great supporter on this case.
Thanks for sharing your answer. It worked for me too with few changes.
Business Applications communities