Skip to main content

Register the Identity Experience Framework

Register the IdentityExperienceFramework application

  1. Select App registrations, and then select New registration.
  2. For Name, enter IdentityExperienceFramework.
  3. Under Supported account types, select Accounts in this organizational directory only.
  4. Under Redirect URI, select Web, and then enter <https://your-tenant-name.b2clogin.com/your-tenant-name.onmicrosoft.com>, where your-tenant-name is your Azure AD B2C tenant domain name.
  5. Under Permissions, select the Grant admin consent to openid and offline_access permissions checkbox.
  6. Select Register.
  7. Record the Application (client) ID for use in a later step.

Expose the API by adding a scope

  1. In the left menu, under Manage, select Expose an API.
  2. Select Add a scope, then select Save and continue to accept the default application ID URI.
  3. Enter the following values to create a scope that allows custom policy execution in your Azure AD B2C tenant:
    • Scope name: user_impersonation
    • Admin consent display name: Access IdentityExperienceFramework
    • Admin consent description: Allow the application to access IdentityExperienceFramework on behalf of the signed-in user
  4. Select Add scope

For more information, see Tutorial: Create user flows and custom policies in Azure Active Directory B2C in the Microsoft Azure documentation.