| title | Enable Python web application options by using Azure Active Directory B2C |
|---|---|
| description | This article shows you how to enable the use of Python web application options. |
| author | kengaderdus |
| manager | CelesteDG |
| ms.service | azure-active-directory |
| ms.topic | reference |
| ms.date | 01/11/2024 |
| ms.author | kengaderdus |
| ms.subservice | b2c |
| ms.custom | b2c-support, devx-track-python |
[!INCLUDE active-directory-b2c-end-of-sale-notice-b]
This article describes how to enable, customize, and enhance the Azure Active Directory B2C (Azure AD B2C) authentication experience for your Python web application.
Before you start, it's important to familiarize yourself with how to Configure authentication in a sample Python web app by using Azure AD B2C.
[!INCLUDE active-directory-b2c-app-integration-custom-domain]
To use a custom domain and your tenant ID in the authentication URL:
- Follow the guidance in Enable custom domains.
- In the app_config.py file, update the
authority_templateclass member with your custom domain.
The following Python code shows the app settings before the change:
authority_template = "https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{user_flow}"The following Python code shows the app settings after the change:
authority_template = "https://custom.domain.com/00000000-0000-0000-0000-000000000000/{user_flow}" [!INCLUDE active-directory-b2c-app-integration-login-hint]
- If you're using a custom policy, add the required input claim as described in Set up direct sign-in.
- Find the
initiate_auth_code_flowmethod, and then add thelogin_hintparameter with the identity provider domain name (for example, facebook.com).
def _build_auth_code_flow(authority=None, scopes=None):
return _build_msal_app(authority=authority).initiate_auth_code_flow(
scopes or [],
redirect_uri=url_for("authorized", _external=True),
login_hint="[email protected]")[!INCLUDE active-directory-b2c-app-integration-domain-hint]
-
Check the domain name of your external identity provider. For more information, see Redirect sign-in to a social provider.
-
Find the
initiate_auth_code_flowmethod, and then add thedomain_hintparameter with the login hint.def _build_auth_code_flow(authority=None, scopes=None): return _build_msal_app(authority=authority).initiate_auth_code_flow( scopes or [], redirect_uri=url_for("authorized", _external=True), domain_hint="facebook.com")
- To learn more, see MSAL for Python configuration options.