Register a web application
- Make sure you are using the directory that contains your Azure AD B2C tenant.
- In the Azure portal, search for and select Azure AD B2C.
- Select App registrations, and then select New registration.
- Enter a Name for the application. For example,
webapp1
. - Under Supported account types, select Accounts in any identity provider or organizational directory (for authenticating users with user flows).
- Under Redirect URI, select Web, and then enter
https://jwt.ms
in the URL textbox. - Under Permissions, select the Grant admin consent to openid and offline_access permissions checkbox.
- Select Register.
For a web application, you need to create an application secret. The client secret is also known as an application password. The secret is used by your application to exchange an authorization code for an access token.
- On the Azure AD B2C - App registrations page, select the application you created, in our example,
webapp1
. - In the left menu, under Manage, select Certificates & secrets.
- Select New client secret.
- Enter a description for the client secret in the Description box. For example,
clientsecret1
. - Under Expires, select a duration for which the secret is valid, and then select Add.
- Record the secret Value for use in your client application code. This secret value is never displayed again after you leave this page. You use this value as the application secret in your application code.
Connect the webapp1
app with the https://jwt.ms/
app for testing a user flow or custom policy by enabling the implicit grant flow in the app registration:
- In the left menu, under Manage, select Authentication.
- Under Implicit grant and hybrid flows, select both the Access tokens (used for implicit flows) and D tokens (used for implicit and hybrid flows) checkboxes.
- Select Save.
For more information, see Tutorial: Register a web application in Azure Active Directory B2C in the Microsoft Azure documentation.