Tutorial: Create an Azure Active Directory B2C tenant
Before your applications can interact with Azure Active Directory B2C (Azure AD B2C), they must be registered in a tenant that you manage.
In this article, you learn how to:
- Create an Azure AD B2C tenant
- Link your tenant to your subscription
- Switch to the directory containing your Azure AD B2C tenant
- Add the Azure AD B2C resource as a Favorite in the Azure portal
Before you create your Azure AD B2C tenant, you need to take the following considerations into account:
You can create up to 20 tenants per subscription. This limit help protect against threats to your resources, such as denial-of-service attacks, and is enforced in both the Azure portal and the underlying tenant creation API. If you want to increase this limit, please contact Microsoft Support.
By default, each tenant can accommodate a total of 1.25 million objects (user accounts and applications), but you can increase this limit to 5.25 million objects when you add and verify a custom domain. If you want to increase this limit, please contact Microsoft Support. However, if you created your tenant before September 2022, this limit doesn't affect you, and your tenant will retain the size allocated to it at creation, that's, 50 million objects. Learn how to read your tenant usage.
If you want to reuse a tenant name that you previously tried to delete, but you see the error "Already in use by another directory" when you enter the domain name, you'll need to follow these steps to fully delete the tenant before you try again. You require a role of at least Subscription Administrator. After deleting the tenant, you might also need to sign out and sign back in before you can reuse the domain name.
Prerequisites
An Azure subscription. If you don't have one, create a Trial before you begin.
An Azure account that's been assigned at least the Contributor role within the subscription or a resource group within the subscription is required.
Note
You can’t create subscriptions in or transfer subscriptions to Azure AD B2C tenant. You create a subscription in Microsoft Entra tenant, and then link it to your Azure AD B2C tenant.
Create an Azure AD B2C tenant
Note
If you're unable to create Azure AD B2C tenant, review your user settings page to ensure that tenant creation isn't switched off. If tenant creation is switched on, ask your Global Administrator to assign you a Tenant Creator role.
Sign in to the Azure portal.
Make sure you're using the Microsoft Entra tenant that contains your subscription:
In the Azure portal toolbar, select the Directories + subscriptions icon.
On the Portal settings | Directories + subscriptions page, find your Microsoft Entra directory that contains your subscription in the Directory name list, and then select Switch button next to it.
Add Microsoft.AzureActiveDirectory as a resource provider for the Azure subscription you're using (learn more):
- On the Azure portal, search for and select Subscriptions.
- Select your subscription, and then in the left menu, select Resource providers. If you don't see the left menu, select the Show the menu for < name of your subscription > icon at the top left part of the page to expand it.
- Make sure the Microsoft.AzureActiveDirectory row shows a status of Registered. If it doesn't, select the row, and then select Register.
On the Azure portal menu or from the Home page, select Create a resource.
Search for Azure Active Directory B2C, and then select Create.
Select Create a new Azure AD B2C Tenant.
On the Create a directory page:
- For Organization name, enter a name for your Azure AD B2C tenant.
- For Initial domain name, enter a domain name for your Azure AD B2C tenant.
- For Location, select your country/region from the list.
- For Subscription, select your subscription from the list.
- For Resource group, select or search for the resource group that will contain the tenant.
Select Review + create.
Review your directory settings. Then select Create. Learn more about troubleshooting deployment errors.
You can link multiple Azure AD B2C tenants to a single Azure subscription for billing purposes. To link a tenant, you must be an admin in the Azure AD B2C tenant and be assigned at least a Contributor role within the Azure subscription. See Link an Azure AD B2C tenant to a subscription.
Note
When an Azure AD B2C directory is created, an application called b2c-extensions-app
is automatically created inside the new directory. Do not modify or delete it. The application is used by Azure AD B2C for storing user data. Learn more about Azure AD B2C: Extensions app.
Select your B2C tenant directory
To start using your new Azure AD B2C tenant, you need to switch to the directory that contains the tenant:
- In the Azure portal toolbar, select the Directories + subscriptions filter icon.
- On the All Directories tab, find the directory that contains your Azure AD B2C tenant and then select the Switch button next to it.
If at first you don't see your new Azure B2C tenant in the list, refresh your browser window or sign out and sign back in. Then in the Azure portal toolbar, select the Directories + subscriptions filter again.
Add Azure AD B2C as a favorite (optional)
This optional step makes it easier to select your Azure AD B2C tenant in the following and all subsequent tutorials.
Instead of searching for Azure AD B2C in All services every time you want to work with your tenant, you can instead favorite the resource. Then, you can select it from the portal menu's Favorites section to quickly browse to your Azure AD B2C tenant.
You only need to perform this operation once. Before performing these steps, make sure you've switched to the directory containing your Azure AD B2C tenant as described in the previous section, Select your B2C tenant directory.
Sign in to the Azure portal.
In the Azure portal menu, select All services.
In the All services search box, search for Azure AD B2C, hover over the search result, and then select the star icon in the tooltip. Azure AD B2C now appears in the Azure portal under Favorites.
If you want to change the position of your new favorite, go to the Azure portal menu, select Azure AD B2C, and then drag it up or down to the desired position.
Next steps
In this article, you learned how to:
- Create an Azure AD B2C tenant
- Link your tenant to your subscription
- Switch to the directory containing your Azure AD B2C tenant
- Add the Azure AD B2C resource as a Favorite in the Azure portal
Next, learn how to register a web application in your new tenant.