I am trying to integrate Azure AD B2C as an OpenID Connect provider into PlayFab so that AD users can log in to PlayFab. Below are the steps I have tried:
Azure AD B2C
PlayFab Configuration
Created Game title
Successfully able to add player logins using LoginWithCustomID, LoginWithFacebook.
OpenId Connect config in PlayFab:
https://{tenant-name}.b2clogin.com/{tenant-name}.onmicrosoft.com/b2c_1_signupsignin/v2.0
Problem:
When I try to hit the LinkOpenIdConnect API from PlayFab, the API returns the error below:
{
"code": 403,
"status": "Forbidden",
"error": "NotAuthorized",
"errorCode": 1089,
"errorMessage": "IDX20803: Unable to obtain configuration from: 'https://{tenant-name}.b2clogin.com/{tenant-id}/v2.0/.well-known/openid-configuration'."
}
Could anyone please help me see where I am going wrong? Thank you in advance.
Please check whether the below works around it.
Please make sure the Authority, on the API server, is set to a URL that points to one of the policies so that the OpenID configuration can be properly fetched.
Make sure that the policy settings have the issuer URL format set to the one that does NOT include a specific policy in the issuer URL, and provide the generic issuer URL in the portal like below:
https:// /tfp//v2/
(or)
policy-specific issuer:
https://domain/tfp//b2c_1_ policy/v2/
Authority is something like https://<tenantname>.b2clogin.com/tfp/{tenantName}.onmicrosoft.com/B2C_1_{signup_policy}/v2.0/
Or
https://<tenantname>.b2clogin.com/tfp/TenantId /B2C_1_{signup_policy}/v2.0/
/tfp is optional, but try including it and check, where Instance is "https://XXXX.b2clogin.com/tfp/" and Domain is "XXXX.onmicrosoft.com".
The issuer (iss) claim is a property that identifies the Azure AD B2C tenant that issued the token.
The default value is https://<domain>/{B2C tenant GUID}/v2.0/,
whereas the value https://<domain>/tfp/{B2C tenant GUID}/{Policy ID}/v2.0/
includes IDs for both the Azure AD B2C tenant and the user flow that was used in the token request.
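
An added example (not part of the original answer, and not PlayFab or Azure code): a small check that compares the issuer configured on the relying party with the `issuer` published in a discovery document, using the issuer formats described above, and shows which discovery URL each issuer leads to. The tenant name `contoso`, the all-zero GUID and the metadata dictionary are constructed sample values, and the format labels are this example's own.

```python
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"

def discovery_url(issuer):
    """OIDC Discovery: drop any trailing slash, then append the well-known path."""
    return issuer.rstrip("/") + WELL_KNOWN

def issuer_format(issuer):
    """Classify an issuer URL by its path shape (labels are this example's own)."""
    seg = [s for s in urlsplit(issuer).path.split("/") if s]
    if len(seg) == 2:
        return "tenant-only"        # /{tenant}/v2.0/
    if len(seg) == 4 and seg[0].lower() == "tfp":
        return "tfp-policy"         # /tfp/{tenant}/{policy}/v2.0/
    if len(seg) == 3:
        return "policy-in-path"     # /{tenant}/{policy}/v2.0
    return "unknown"

def check_issuer(configured, metadata):
    """Return the problems a relying party would hit with this issuer setting."""
    problems = []
    if urlsplit(configured).scheme != "https":
        problems.append("configured issuer is not https")
    published = metadata.get("issuer")
    if published is None:
        problems.append("metadata has no 'issuer' field")
    elif published != configured:   # the comparison is an exact string match
        problems.append(
            "issuer mismatch: configured is %s, metadata publishes %s; "
            "discovery from the published issuer goes to %s"
            % (issuer_format(configured), issuer_format(published),
               discovery_url(published)))
    return problems

# Constructed sample values (assumptions, not taken from a real tenant).
GUID = "00000000-0000-0000-0000-000000000000"
CONFIGURED = ("https://contoso.b2clogin.com/contoso.onmicrosoft.com/"
              "b2c_1_signupsignin/v2.0")
TENANT_ONLY = "https://contoso.b2clogin.com/" + GUID + "/v2.0/"
TFP = "https://contoso.b2clogin.com/tfp/" + GUID + "/b2c_1_signupsignin/v2.0/"
SAMPLE_METADATA = {"issuer": TENANT_ONLY}   # default issuer format

if __name__ == "__main__":
    for problem in check_issuer(CONFIGURED, SAMPLE_METADATA):
        print(problem)
    print(check_issuer(TFP, {"issuer": TFP}))   # matching issuer: no problems
```

The discovery URL derived from the tenant-only issuer has the same shape as the URL quoted in the IDX20803 error message in the question.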