This section explains the steps to configure Azure AD B2C Single Sign-On (SSO) in the Bold BI application. Before integrating Azure AD B2C with Bold BI, ensure that the steps in Configure Azure AD B2C tenant in Azure portal are complete.
In Bold BI Settings, click Authentication and select the Azure AD B2C tab.
Enable Azure AD B2C and provide the following details.
Organization Name | It represents the name of the Organization that will be displayed in the login page. |
Organization Logo | It represents the logo of the Organization that will be displayed in the login page. |
Application Id | A unique identifier of the Embedded BI web app created in Azure AD B2C. |
Tenant Name | A dedicated instance of the Azure AD B2C service. |
Sign in Policy | The name of the Sign in/Sign up user flow created in Azure AD B2C. |
Enable single sign out | The name of the Sign in/Sign up user flow created in Azure AD B2C. |
In the Azure AD B2C tenant, under Overview, select the tenant’s name from the domain name.
Select the registered application, get the application id, and provide the created user flow name as the policy name.
Azure AD B2C can be set as the default authentication when the Azure AD B2C settings are enabled.
Follow these steps to configure the default authentication.
In the settings page, click the Authentication tab and select General.
Enable the Enable Default Authentication option and select Azure AD B2C as the default authentication provider as shown in the following screenshot.
Disabling the Enable Default Authentication option and then clicking Save will disable the Azure AD B2C default authentication.
You need an Azure subscription to configure the Azure AD B2C tenant in the Azure portal. If you don’t have one, create a free account.
NOTE: For complete information on configuring Azure AD B2C, check the official B2C documentation which includes tutorials on creating a B2C tenant, registering applications, and more.
To create an Azure AD B2C tenant, please refer to the link Create Azure AD B2C Tenant.
After creating an Azure AD B2C tenant, please follow these steps to register a new application into the tenant.
Select App registration in the left side menu, select New Registration, and give your app a new name.
Select Accounts in any identity provider or organizational directory (for authenticating users with user flows) under Supported account types.
Under Redirect URI, select Web, then enter the URL of the Bold BI application. Example: https://localhost:5000.
Under Permissions, select the Grant admin consent to OpenID and offline_access permissions check box and select Register.
Select the registered application, under Manage, select Authentication, then select the Access tokens (used for implicit flows) check box and save the changes.
NOTE: When creating a user flow, the sign up and sign in or sign in options are supported.
Go to Policies, select User flows, and then click + New user flow.
Select Sign up and sign in or Sign in, select Recommended, and click Create.
After that, complete the following configuration of user flow creation.
Name: Enter a name for the flow, for example, signupsignin1.
Local accounts: Select Email Sign up.
User attributes and token claims: Select the attributes listed below that will be collected from the user during sign-up, and select the claims that will be returned in the token. Ensure that the following claims are selected.
Email Address | Email address of the user. |
Email Addresses | Email addresses of the user. |
Given Name | The user's given name (also known as first name). |
Surname | The user's surname (also known as family name or last name). |
User's Object ID | Object identifier (ID) of the user object in Azure AD. |
Select the policy and the application claims on the left side. Then ensure the following items are selected. If not, select them and save the changes.
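
To confirm that the user flow returns the claims listed above, the following added example (not part of the Bold BI documentation or product) inspects a token taken from a test sign-in. The mapping from display names to token claim names and the `B2C_1_` prefix on the user flow name are assumptions based on Azure AD B2C's standard token format, and the function names are hypothetical. The signature is not verified, so this is a configuration check only.

```python
import base64
import json

# Display name on the user-flow page -> claim name in the issued token
# (assumed mapping, based on Azure AD B2C's standard token format).
REQUIRED_CLAIMS = {
    "Email Addresses": "emails",
    "Given Name": "given_name",
    "Surname": "family_name",
    "User's Object ID": "oid",
}


def decode_payload(jwt):
    # Decode the payload only; the signature is NOT verified here.
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWT with three parts")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def check_b2c_token(jwt, application_id, policy):
    # Return the configuration problems visible in a test sign-in token.
    claims = decode_payload(jwt)
    problems = []
    if claims.get("aud") != application_id:
        problems.append("aud does not match the Application Id")
    # B2C records the user flow in 'tfp' ('acr' on older configurations).
    flow = claims.get("tfp") or claims.get("acr") or ""
    if flow.lower() != policy.lower():
        problems.append("token was not issued by the configured policy")
    for label, name in REQUIRED_CLAIMS.items():
        if not claims.get(name):
            problems.append(f"missing application claim: {label} ({name})")
    return problems


def make_sample_token(payload):
    # Build an unsigned, constructed token so the example runs offline.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return enc({"alg": "none"}) + "." + enc(payload) + ".constructed"


if __name__ == "__main__":
    demo = make_sample_token({"aud": "app-id-placeholder", "tfp": "B2C_1_signupsignin1"})
    print(check_b2c_token(demo, "app-id-placeholder", "B2C_1_signupsignin1"))
```

An empty list means the Application Id, policy name, and application claims in the token agree with what was entered in Bold BI.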