In this example, the policy with ID B2C_1A_signup_signin is downloaded: To edit the policy content locally, pipe the command output to a file with the -OutputFilePath argument, and then open the file in your favorite editor. This is a security hole as you can just enter any mobile number in there and verify that number. If you want to change the position of your new favorite, go to the Azure portal menu, select Azure AD B2C, and then drag it up or down to the desired position. Or, you might want to make a copy of an existing policy, modify it with a few small changes, then upload it as a new policy for use by a different application. Follow the steps in this how-to article to create an application registration that your management application can use: Manage Azure AD B2C with Microsoft Graph. Install the Azure AD module in PowerShell. For example, here's an attempt at updating a policy with content that contains malformed XML (output is truncated for brevity): For information about troubleshooting custom policies, see Troubleshoot Azure AD B2C custom policies and Identity Experience Framework. Example command output showing a successful sign-in: Discovering custom policies allows an Azure AD B2C administrator to review, manage, and add business logic to their operations.
PowerShell has two prominent modules for managing Azure: Azure AD PowerShell for Graph, and Azure Active Directory Module for Windows PowerShell (MSOnline). Which one you prefer is up to you. Use the Remove-AzureADMSTrustFrameworkPolicy command to delete a policy from your tenant. Connect PowerShell session to B2C tenant: To work with custom policies in your Azure AD B2C tenant, you first need to connect your PowerShell session to the tenant by using the Connect-AzureAD command. The Azure AD B2C sign-in screen can be customized to fit our brand image. Because here is how it all works: We can configure portals to use Azure AD B2C as an identity provider. Manage Azure AD B2C custom policies with Azure PowerShell. For more info support@fortigi.nl As an example of documentation done right I think Auth0 have this nailed – they have lots of detailed documentation, samples, and tutorials on a per framework basis that cover both co… When you try to publish a new custom policy or update an existing policy, improper XML formatting and errors in the policy file inheritance chain can cause validation failures.
For example, here's an attempt at updating a policy with content that contains malformed XML (output is truncated for brevity): For information about troubleshooting custom policies, see Troubleshoot Azure AD B2C custom policies and Identity Experience Framework. For information about using PowerShell to deploy custom policies as part of a continuous integration/continuous delivery (CI/CD) pipeline, see Deploy custom policies from an Azure DevOps pipeline. Once you have done this make sure to log into the Azure Portal using this new user (localadmin@simondemob2c.onmicrosoft.com in my example) and reset their password. For your convenience, these samples are shared on GitHub. When you try to publish a new custom policy or update an existing policy, improper XML formatting and errors in the policy file inheritance chain can cause validation failures. Read this article to understand how to set up … I have published my last blog to describe the PowerShell script to register the App in the Azure AD. In this blog we will discuss the PowerShell script to assign the necessary permissions for the App. This post will cover how to register an app to Azure AD via PowerShell to take advantage of this.
The Identity Experience Framework is a powerful identity engine with a very comprehensive feature set, that is used internally for Microsoft services like Azure AD B2C. More organizations are now harnessing the security capabilities of Azure AD into the apps they create for an additional layer of authentication. New tenants created after this announcement will no longer be able to accept requests from login.microsoftonline.com. Click “View All Applications” to see if an authentication app has already been registered as part of your B2C custom policy/attributes setup. For additional examples, see the Set-AzureADMSTrustFrameworkPolicy command reference. Whilst not officially supported by Microsoft, Jason has just updated the module for MSAL 4.5.1.1. In this post, I will use the latest Microsoft Azure cross-platform PowerShell … When you try to publish a new custom policy or update an existing policy, improper XML formatting and errors in the policy file inheritance chain can cause validation failures. When you make a change to a custom policy that's running in production, you might want to publish multiple versions of the policy for fallback or A/B testing scenarios. Azure PowerShell provides several cmdlets for command line- and script-based custom policy management in your Azure AD B2C tenant. Azure Active Directory (Azure AD) is Microsoft's fully managed multi-tenant identity and access capabilities for app service. Additionally, if you attempt to publish a set of custom policies and receive an error, it might make sense to remove the policies that were created as part of the failed release.
Or, you might want to make a copy of an existing policy, modify it with a few small changes, then upload it as a new policy for use by a different application. Next steps. STEP 1. "It's also less work for our staff to not have to manage multiple authentication systems." Note: in order for MFA to work for this user at the PowerShell command pro… Posted by mrochon May 6, 2019 June 13, 2019 Leave a comment on Using Groups in Azure AD B2C. For example, you might want to remove old policy versions after performing a migration to a new set of policies and verifying the new policies' functionality. Identity and the protocols and integration points that go with it are complex, can be intimidating, and are important to get right – incorrect integrations can lead to security vulnerabilities. A sample ASP.NET application which generates ID tokens and hosts the necessary metadata endpoints required to use the "id_token_hint" parameter in Azure AD B2C. Azure AD B2C lets users create their own logins, and possibly use some external identity providers (social or work).
Example command sending output to a file: After editing a policy file you've created or downloaded, you can publish the updated policy to Azure AD B2C by using the Set-AzureADMSTrustFrameworkPolicy command. For additional examples, see the Set-AzureADMSTrustFrameworkPolicy command reference. New solutions for Azure AD B2C. The supported list will increase quickly. Execute the following command, substituting {b2c-tenant-name} with the name of your Azure AD B2C tenant. Azure AD B2C; Setting up the portal to work with Azure AD B2C. Use the New-AzureADMSTrustFrameworkPolicy command to upload a new policy: To maintain a clean operations life cycle, we recommend that you periodically remove unused custom policies. This means that you will automatically be redirected to the tenant the user belongs to when … "Azure AD B2C is a huge innovation enabler…our development teams don't need to worry about authentication when creating applications. First, we need to enable the AzureADPreview PowerShell module with the following command: Then we get connected to the Azure AD tenant with the “Connect-AzureAD” Command: With our App Id we need to identify the service … In this example, the policy with ID B2C_1A_signup_signin is downloaded: To edit the policy content locally, pipe the command output to a file with the -OutputFilePath argument, and then open the file in your favorite editor. This app should have access to Windows Azure AD as explained below.
First, we updated the Azure AD B2C developer training guide and added a bunch of new solutions to help with some common business challenges. They exist as an entity type and can be accessed via the regular Azure AD portal blade but there are no features for including user group membership in a token issued as a … Azure PowerShell provides several cmdlets for command line- and script-based custom policy management in your Azure AD B2C tenant. Read the story; Build seamless end user experience with our ISV Partner integration network. For your convenience, these scripts and walkthrough are provided on GitHub to accomplish the following: Modify a set of IEF policies using values from a configuration file; Upload the files to one or more B2C tenants (For better security, For example, you might want to remove old policy versions after performing a migration to a new set of policies and verifying the new policies' functionality. If you’re using Azure Active Directory, there might be a time where you’ll need to get a count of all the user accounts in your environment. (Is this still true?). 5. As a next step, link the Azure AD B2C directory created with the subscription. Out-of-the-box AAD B2C does not expose any functionality related to Security Groups. Learn how to use the Azure AD PowerShell module to: To work with custom policies in your Azure AD B2C tenant, you first need to connect your PowerShell session to the tenant by using the Connect-AzureAD command. Using Groups in Azure AD B2C. One of the more serious issues for Azure B2C is the absolutely awful state of the documentation and samples which often feel unfinished and half baked.
Use the New-AzureADMSTrustFrameworkPolicy command to upload a new policy: To maintain a clean operations life cycle, we recommend that you periodically remove unused custom policies. If you have any questions, please contact us. If you are using the new AAD PowerShell Module that supports modern authentication you can do this in-line at login time. Discovering custom policies allows an Azure AD B2C administrator to review, manage, and add business logic to their operations. When you make a change to a custom policy that's running in production, you might want to publish multiple versions of the policy for fallback or A/B testing scenarios. Example command output: After reviewing the list of policy IDs, you can target a specific policy with Get-AzureADMSTrustFrameworkPolicy to download its content. If you issue the Set-AzureADMSTrustFrameworkPolicy command with the ID of a policy that already exists in your Azure AD B2C tenant, the content of that policy is overwritten. It’s actually pretty straight-forward – create a local administrative account in the AAD B2C directory and use this to authenticate when using PowerShell. Additionally, if you attempt to publish a set of custom policies and receive an error, it might make sense to remove the policies that were created as part of the failed release.
Example command output showing a successful sign-in: Discovering custom policies allows an Azure AD B2C administrator to review, manage, and add business logic to their operations. For information about using PowerShell to deploy custom policies as part of a continuous integration/continuous delivery (CI/CD) pipeline, see Deploy custom policies from an Azure DevOps pipeline. To maintain a clean operations life cycle, we recommend that you periodically remove unused custom policies. Ralf Cichy, Project Manager, Zeiss. Premier Dev Consultant Marius Rochon shares an example of a PowerShell script to upload a set of B2C IEF policies to one or more B2C tenants. Azure AD B2C now appears in the Azure portal under Favorites. When you try to publish a new custom policy or update an existing policy, improper XML formatting and errors in the policy file inheritance chain can cause validation failures. Execute the following command, substituting {b2c-tenant-name} with … As sh… For example, you might want to remove old policy versions after performing a migration to a new set of policies and verifying the new policies' functionality. Using the code provided in this repo, B2C will maintain association between users and application tenants and provide that data to your applications when users sign in. Use the Get-AzureADMSTrustFrameworkPolicy command to return a list of the IDs of the custom policies in an Azure AD B2C tenant. Sign in with an account that's assigned the B2C IEF Policy Administrator role in the directory.
Close the window and click on Link an existing Azure AD B2C Tenant to my Azure subscription; a window will appear where you choose the directory, the subscription, and the resource group (you can use an existing one or create a new one). For additional examples, see the Set-AzureADMSTrustFrameworkPolicy command reference. Bingo. Additionally, if you attempt to publish a set of custom policies and receive an error, it might make sense to remove the policies that were created as part of the failed release. For information about using PowerShell to deploy custom policies as part of a continuous integration/continuous delivery (CI/CD) pipeline, see Deploy custom policies from an Azure DevOps pipeline. You can assign the application a Key/Secret using New-AzureADApplicationPasswordCredential cmdlet. Example command sending output to a file: After editing a policy file you've created or downloaded, you can publish the updated policy to Azure AD B2C by using the Set-AzureADMSTrustFrameworkPolicy command. Azure AD B2C PowerShell module: This module utilizes the Azure AD B2C REST API to provide the most common functionality for managing B2C policies, applications and keycontainers from the PowerShell commandline or Azure DevOps.
Azure AD B2C Custom Attributes: How to easily find their unique key value. Simon, AAD B2C, Azure, Cloud, February 16, 2018. When working with Azure Active Directory B2C you can create what are known as Custom Attributes which allow you to store data about users beyond the attributes (firstname, lastname, etc) that are available out-of-the-box. When you make a change to a custom policy that's running in production, you might want to publish multiple versions of the policy for fallback or A/B testing scenarios. Having previously written scripts to perform the oAuth AuthN dance with ADAL I figured as part of the transition it would be best to write a few helper functions and compose a PowerShell Module to simplify the process with MSAL. Before any user management application or script you write can interact with the resources in your Azure AD B2C tenant, you need an application registration that grants the permissions to do so. I understand that it is not yet possible to set the Azure MFA mobile number via Graph API or PowerShell. After reviewing the list of policy IDs, you can target a specific policy with Get-AzureADMSTrustFrameworkPolicy to download its content. In this example, the policy with ID B2C_1A_signup_signin is downloaded: To edit the policy content locally, pipe the command output to a file with the -OutputFilePath argument, and then open the file in your favorite editor. In this quickstart, you’ll use the New-AzureADMSInvitation command to add one guest user to your Azure tenant.