Hi all.
We want to implement SSO with Azure B2C as identity provider for Portal-only customer. We tried pretty much anything (including using the enterprise application in azure, which is not intended for azure b2c). In the end, we always get errors like "Invalid customer saml login callback request" or similar.
- We create a custom flow in Azure b2c. I can confirm that it works in general as we use it already in different scenarios.
- We added the "Service provider assertion consumer service URL" from Atlassian as redirect url in the app registration.
- We added the correct values to identity provider (entity id, sso url and x509 cert). Taken directly from the Azure B2C metadata XML.
I think the main problem here is that Atlassian does not provide any metadata xml. Which is needed for SAML 2.0 to work. In Azure B2C this must be set as PartnerEntity.
We also tried to add it manually like:
<Item Key="PartnerEntity"><![CDATA[<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://auth.atlassian.com/saml/<guid>">
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://id.atlassian.com/v2/customer/login/saml/callback?connection=saml-<guid>" index="0" isDefault="true"/>
</md:IDPSSODescriptor>
</md:EntityDescriptor>]]></Item>
but that did not work either.
So, my question: did anyone ever get Portal-only customer SSO with Azure B2C to work? Or is this just not supported?
Any input is appreciated.
