We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.

That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.

Apologies for the delay.

/Parakh

Old message:
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?

Hi all, a quick update here. We are looking at different options in allowing this customization. We understand that this is very important when you want to keep the look of the emails consistent with your brand to avoid confusing your users. We should have another update in the coming months as we figure out how to accomplish this.

/Sam

Due to various technical limitations, the first iteration of the customer-owned domains functionality will not be available for a few more months. We will provide an update as soon as we can get a more specific ETA.

If you are looking to use custom domains to use javascript, we are now looking to enable that experience by providing a new (non-customizable) domain. Please look for updates here: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/15493536-add-support-for-javascript-inside-the-custom-ui-br

/Parakh

Hi all, I just wanted to let you know we have started work on this and will have something available in preview within the next few weeks. I’ll post again when we have something ready to be previewed.

/Sam

We are looking for private preview customers who are interested in using Azure AD (single tenant only) or any other custom OIDC compliant identity providers in your built-in policies. If you are interested, please send an email specifying this specific request to aadb2cpreview@microsoft.com with your Azure AD B2C tenant name.

Just to provide an update, we are close to launching a private preview. We are in the final testing stages for this feature. We will have another update in the next few weeks with instructions on how to join the private preview.

Thank you for the feedback. We are strongly considering this for the future. Today we are focusing on customer facing apps with open self-service signup. /Jose Rojas

We are hoping to support more datacenters in the future, especially in the Asia/Pacific region, but it is not currently planned for the short term.

/Parakh

Hi all, an update on how we plan to be rolling this out. Originally we said that this would be allowed on a subdomain provided for each tenant, but we are adding an additional requirement here. In addition to only running JS on .B2Clogin.com, we are creating versioned packages of html, css and JS content for each page. You will be able to lock your pages to a specific version so as we update anything on our side, you won’t run the risk of unexpected behaviour on your page. We are planning to roll out .b2clogin.com without JS support sooner and the page contracts will be coming to private preview in the coming weeks.

/Sam

Seems like this feature request was not updated when the feature was announced. Talking to a SAML2.0 identity provider is possible if you use custom policies: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview-custom

/Parakh

Thank you. We will examine the experience of duplicate sign ups across Identity providers. Would performing this check by using the email address be sufficient?

BTW, Linking multiple provider accounts to one user is in our roadmap and we’ve already achieved it in preview…

We look forward to your feedback

/Jose Rojas

We are reviewing this feature request and hope to make progress on it later this year (Fall or later). Will make another update then.

/Parakh

We are currently prioritizing Azure AD as and identity provider into B2C. We will review this request after that work is done. Keep the requests coming! /Jose Rojas

Currently, you can use “App Registration” blade in the Azure Portal (outside of the Azure AD B2C blades) to register an apps that define application permission and the register apps that use client credentials to request these. The caveat is that this is done using the same mechanism that you’d use in regular Azure AD.

Ideally we’d have a first class experience for this in the Azure AD B2C blades or at least have an Azure doc that walks you through the experience I just summarized, so I’m leaving this feature ask open.

It would be great if you guys can add comments with your feedback. What scenarios areyou trying to achieve? Does the approach above help you achieve what you want to achieve? Does the experience to do so work for you guys and if not, what would you like to see?

We have a private preview of this feature available. If you are interested in joining, please contact aadb2cpreview@microsoft.com with the name of your tenant.

/Sam

We’d like to understand a bit more this ask, particularly how this differs from the “Reset Password” policy.
Ultimately, “Reset Password” allows the user to change his/her password by doing a second factor (email) verification.

Is the primary driver behind this ask offering a simpler experience that doesn’t require a second factor?
Basically something like having a “Password” field in the “Edit Profile” policy which the user can change?
Would you expect them to type their old password as well?

Please do share as much details with regards to what you’d like to see for this ask.