Skip to content
Migrating from NextAuth.js v4? Read our migration guide.

providers/azure-ad-b2c

Built-in Azure AD B2C integration.

AzureADB2CProfile

See

Claims

Properties

aud

aud: string;

auth_time

auth_time: number;

country

country: string;

emails

emails: string[];

exp

exp: number;

iat

iat: number;

iss

iss: string;

name

name: string;

nbf

nbf: number;

oid

oid: string;

postalCode

postalCode: string;

sub

sub: string;

tfp

tfp: string;

ver

ver: string;

default()

default(options): OIDCConfig<AzureADB2CProfile>

Add Azure AD B2C login to your page.

Configuration

Basic

Basic configuration sets up Azure AD B2C to return an ID Token. This should be done as a prerequisite prior to running through the Advanced configuration.

  1. Azure AD B2C Tenant
  2. App Registration
  3. User Flow

For the step “User attributes and token claims” set the following:

  • Collect attribute:
    • Email Address
    • Display Name
    • Given Name
    • Surname
  • Return claim:
    • Email Addresses
    • Display Name
    • Given Name
    • Surname
    • Identity Provider
    • Identity Provider Access Token
    • User’s Object ID

Parameters

ParameterType
optionsOIDCUserConfig<AzureADB2CProfile> & { primaryUserFlow: string; tenantId: string; }

Returns

OIDCConfig<AzureADB2CProfile>

Example

import { Auth } from "@auth/core"
import AzureADB2C from "@auth/core/providers/azure-ad-b2c"
 
const request = new Request("https://example.com")
const response = await AuthHandler(request, {
  // optionally, you can pass `tenantId` and `primaryUserFlow` instead of `issuer`
  providers: [AzureADB2C({ clientId: "", clientSecret: "", issuer: "" })],
})

Resources


Notes

By default, Auth.js assumes that the Azure AD B2C provider is based on the OIDC specification.

💡

The Azure AD B2C provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.

Disclaimer If you think you found a bug in the default configuration, you can open an issue.

Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.

Auth.js © Balázs Orbán and Team - 2024