Assistance Required: Configuring Azure AD B2C as OAuth 2.0 Provider for VTEX

Question

• I am working on integrating Azure AD B2C as an OAuth 2.0 provider in our VTEX platform. VTEX Document Link- Webstore (OAuth 2.0) a In that document you can see vtex detailed configuration fields and what to fill. Below are the details required for proper configuration. These are the VTEX custom OAuth 2.0 fields in which classiffied some URLs and parameters from azure ad b2c doc and some prompts. Some fields may require additional information, but I am not sure and have not tested them because I do not have an Azure AD B2C account. Can you please check which fields are relevant and what additional fields are required for the AADB2C configuration values inside the VTEX fields?).We need to register an application in Azure AD B2C with the following configurations:
  • **Redirect URI:**https://vtexid.vtex.com.br/VtexIdAuthSiteKnockout/ReceiveAuthorizationCode.ashx
  • Response Type: code
  • Scopes Required: openid email profile
  2. Authorization Request The VTEX system will initiate the OAuth flow using the following details:
  • Authorization URL (GET Method): https://
  • Query Parameters: client_id=
  3. Access Token Exchange Once the authorization code is received, VTEX will exchange it for an access token.
  • Token URL (POST Method): https://
  • Content-Type: application/x-www-form-urlencoded
  • Body Parameters:
  • client_id=
  • Expected Response: { "access_token": "{{Access token}}", "expires_in": "{{Token duration}}" }
  4. User Information Retrieval Once authenticated, VTEX will fetch user details using the access token.
  • User Info URL (GET Method): https://
  • Query Parameter: access_token={{Access token}}
  • Expected Response: { "user_email": "{{User email}}", "user_id": "{{User ID}}", "user_name": "{{Username}}" }
  Request for Assistance Could you please assist us in ensuring that:
  1. The application registration and policies in Azure AD B2C are correctly set up for VTEX.
  2. The Authorization URL, Token Exchange URL, and User Info URL are correct based on our Azure AD B2C tenant and policy settings.
  3. There are no additional configurations required on Azure AD B2C policies to support this OAuth integration.
  Please let us know if any modifications or additional settings are needed.
• Looking forward for guidance.

Answer 1

Hi @Divyansh Bajpai,

Thank you for posting your query on Microsoft Q&A.

As per your query, I understand that you would like to configure Azure AD B2C as identity provider in VTEX.

I believe you have followed VTEX document which is a third-party service where Azure do not hold any responsibility. I would like to inform you that when you configure Azure AD B2C as an IDP in a third-party service, you need to contact their support in order to achieve the end goal.

1. The application registration and policies in Azure AD B2C are correctly set up for VTEX.
   To register an application and receive a token you can follow this document: Register a web application in Azure Active Directory B2C
2. The Authorization URL, Token Exchange URL, and User Info URL are correct based on our Azure AD B2C tenant and policy settings.
   You can get all the required URLs of your Azure AD B2C from App registrations by following this path: Login to Azure AD B2C as an admin --> App registrations --> Endpoints.
3. There are no additional configurations required on Azure AD B2C policies to support this OAuth integration.
   Azure AD B2C can acts as IDP in different Azure AD B2C. This scenario is used when one Azure AD B2C users to use another Azure AD B2C application, you can add Tenant 1 Azure AD B2C as IDP in tenant 2 Azure AD B2C. If you would like to check how it is configured within Azure AD B2C, please follow this document: Set up sign-up and sign-in with an Azure AD B2C account from another Azure AD B2C tenant.

I hope this information is helpful. Please feel free to reach out if you have any further questions.

If the answer is helpful, please click "Accept Answer" and kindly "upvote it". If you have extra questions about this answer, please click "Comment".