Microsoft Entra External ID Custom URL Domains—now generally available

Table of Contents

1. Custom URL domains
2. Key features
3. Setting up custom URL domains
   • Prerequisites
   • Configure Microsoft Entra External ID
   • Associate Custom domain names with Custom URL Domains
   • Configure Azure Front Door
   • Configure features to use custom URL domains

---

Custom URL domains

Custom URL domains enable organizations to customize the authentication experience by using their own domain names.

Key features

• Customization and branding: Customize authentication pages with your own domain name for a unified login experience.
• Impact on metadata endpoint: Changing a custom URL domain will also affect the metadata endpoint.

Setting up custom URL domains

Prerequisites

• An external tenant
• A valid custom domain
• An Azure Front Door subscription

Configure Microsoft Entra External ID

1. Verify domain ownership by adding your custom URL domain to your external tenant.
2. Go to Microsoft Entra admin centre > Domain Names > Custom domain names > Add domain.
3. Add your DNS information to the domain registrar.

Associate Custom domain names with Custom URL Domains

1. Navigate to the Microsoft Entra admin center > Domain names > Custom URL domains.

Configure Azure Front Door

1. Add an AFD instance (if not already set up).
2. Associate your custom URL domain with the AFD and enable the route.

Configure features to use custom URL domains

• Microsoft Authentication Library (MSAL): Update MSAL according to your development language.
• Social Identity providers: Update the IDP list of redirect URIs to include custom domains.

For guidance, refer to example of MSAL.js. Subscribe to the Identity developer blog for insights and updates. Follow on YouTube for video content and join the research panel for participation in customer research.