
Home Realm discovery based on request URL

Open: vicperdana opened this issue 2 years ago • 1 comment

We want to implement a scenario where the identification of an identity provider is determined by the request URL rather than using a domain hint.

For instance:

- If the request URL is https://app-trial.company.com/public/Company1/, it should redirect to "Company1" as the identity provider.
- If the request URL is https://app-trial.company.com/public/Company2/, it should redirect to "Company2" as the identity provider.
- And so on for different URLs.

The key challenge here is that users may use the same email address across different companies as long as they are accessing the application through different URLs.

The question is: Is this possible to implement in Azure AD B2C, and if so, do we have any sample policies or resources that can help achieve this specific HRD scenario?

vicperdana, Sep 25 '23 09:09

You can have the app pass the parameter domain_hint to AAD B2C based on the app path (/Company1, /Company2, etc.). See https://learn.microsoft.com/en-us/azure/active-directory-b2c/direct-signin

JasSuri, Apr 11 '24 13:04
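
The approach from the reply above, as an added example that is not part of the original thread or any Microsoft sample: the app resolves the `/public/<company>/` path segment against a server-side allow-list and only then sets `domain_hint` on the B2C authorize request, so the raw path is never reflected into the sign-in URL. The tenant name, policy name, client ID, redirect URI and the hint values are placeholders; each hint must match the domain configured for the corresponding identity provider in your policy.

```javascript
// Added example: tenant, policy, client ID, redirect URI and IdP domains are placeholders.
const B2C = {
  tenant: "contoso",
  policy: "B2C_1A_SIGNUP_SIGNIN",
  clientId: "00000000-0000-0000-0000-000000000000",
  redirectUri: "https://app-trial.company.com/auth/callback", // hypothetical path
};

// Allow-list: lower-cased path segment -> domain_hint value (constructed values).
// Anything not listed here gets no hint at all.
const IDP_BY_SEGMENT = new Map([
  ["company1", "company1.example"],
  ["company2", "company2.example"],
]);

// Returns the domain_hint for a request URL, or null when the path is not
// /public/<known company>/... (unknown, encoded or traversal segments fail).
function resolveDomainHint(requestUrl) {
  const { pathname } = new URL(requestUrl); // normalises "." and ".." segments
  const parts = pathname.split("/").filter(Boolean);
  if (parts.length < 2 || parts[0].toLowerCase() !== "public") return null;
  return IDP_BY_SEGMENT.get(parts[1].toLowerCase()) ?? null;
}

// Builds the B2C authorize URL with domain_hint, or returns null so the
// caller can show an error page instead of redirecting to a default IdP.
function buildAuthorizeUrl(requestUrl, state, nonce) {
  const hint = resolveDomainHint(requestUrl);
  if (hint === null) return null;
  const url = new URL(
    `https://${B2C.tenant}.b2clogin.com/${B2C.tenant}.onmicrosoft.com/` +
      `${B2C.policy}/oauth2/v2.0/authorize`
  );
  url.search = new URLSearchParams({
    client_id: B2C.clientId,
    response_type: "code",
    redirect_uri: B2C.redirectUri,
    scope: "openid",
    state,  // caller supplies a fresh random value per request
    nonce,  // likewise
    domain_hint: hint,
  }).toString();
  return url.toString();
}
```

`domain_hint` only steers which provider the user is sent to; the application still has to check, after sign-in, that the identity provider named in the returned token is the one expected for that URL.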