Azure Ad B2C . Net 6 (The 'TenantId' option must be provided.)

Question

I am getting this error: The 'TenantId' option must be provided.

In appsettings.json:

"AzureAdB2C": {
    "Instance": "<instance>",
    "Domain": "<domain>",
    //  "TenantId": "<tenantId",
    "ClientId": "<clientId>",
    "CallbackPath": "/signin-oidc",
    "SignInPolicyId": "<signInPolicyId>",
    "SignedOutCallbackPath": "/signout/<signInPolicyId>"
  }

In Program.cs:

builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme).
    AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAdB2C"));

builder.Services.AddControllersWithViews();
builder.Services.AddRazorPages().AddMicrosoftIdentityUI();

And I tried to include TenantId but I am getting a different error:

Answer 1

I have checked I received the error .

IDW10106: The “TenantID” option must be provided

The error is resolved by adding by tenant Id.
But not only that the azure ad b2c appsettings must be configured correctly:

Make sure the domain , instance and all are configured correctly:

In Appsettings.json

{
  "AzureAdB2C": {
    "Instance": "https://xx.b2clogin.com",
    "ClientId": "xxx",
    "Domain": "xx.onmicrosoft.com",
    "SignedOutCallbackPath": "/signout/B2C_1_susi",
    "SignUpSignInPolicyId": "b2c_1_susi",
    "ResetPasswordPolicyId": "b2c_1_reset",
    "EditProfilePolicyId": "b2c_1_edit_profile" // Optional profile editing policy
    //"CallbackPath": "/signin/B2C_1_sign_up_in"  // defaults to /signin-oidc
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*"
}

In startup.cs

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                IdentityModelEventSource.ShowPII = true;
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
            }
            app.UseHttpsRedirection();
            app.UseStaticFiles();
            System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

            app.UseRouting();
            
            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Home}/{action=Index}/{id?}");
                endpoints.MapRazorPages();
            });
            


        }
    }
}

For the error to be detailed make IdentityModelEventSource.ShowPII = true; and System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
              //  IdentityModelEventSource.ShowPII = true;
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                app.UseHsts();
            }
            app.UseHttpsRedirection();
            app.UseStaticFiles();
            System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
...
}

With all the above settings I could execute successfully

Answer 2

I guess the error is because I use "SignInPolicyId" ?

I changed it to "SignUpSignInPolicyId" since Ive read that I still have to use this even if I create SignIn only policy? but then the error change to "'AADB2C99002: User does not exist. Please sign up before you can sign in."