External AD connection (B2C)

This article describes how to activate the JungleMail 365 Azure AD Connection for a non-native tenant using the Azure AD B2C service.


Overview

Out of the box, JungleMail activates the Azure AD Connection for the native Azure AD tenant of the user account that was used during the activation procedure (the user who consented to the “JungleMail 365 Azure AD Connection” app in the popup login window). The user cannot select another Azure AD tenant during the activation process.

Note

Azure AD Connection is activated on each JungleMail site separately. You can use different Azure AD tenants for each JungleMail site, but only one Azure AD tenant per JungleMail site is possible.


Solution

Option 1. Use native user account

You can create a normal native Azure AD user account in the target Azure AD tenant (B2C) and use this account for the Azure AD Connection activation procedure. The user must have the Global Administrator role on the target tenant.

  1. Sign in to JungleMail 365 using a JungleMail administrator account;
  2. Navigate to the specific JungleMail 365 site;
  3. Open the JungleMail Settings > Connections page;
  4. Click “Authorize and enable” next to “Azure Active Directory Connection” (if it is already enabled, disable it first);
  5. Provide the user credentials for activation (the user’s native tenant will be used);
  6. Complete the activation procedure;
  7. Navigate to Create Newsletter, select “Office 365, AD groups” and verify that the connection works.

Option 2. Use non-native user account

You can use a user from Azure AD tenant “A” but activate the Azure AD Connection for target tenant “B” (B2C). To do so, invite the user from tenant “A” to tenant “B” and assign them the Global Administrator role in the target tenant “B”.

  1. Open the Azure or Azure AD portal, switch to your target tenant “B” (B2C) and obtain the Tenant ID;
  2. Sign in to JungleMail 365 using a JungleMail administrator account;
  3. Navigate to the specific JungleMail 365 site;
  4. Open the JungleMail Settings > Connections page;
  5. Click “Authorize and enable” next to “Azure Active Directory Connection” (if it is already enabled, disable it first);
  6. Wait for the Microsoft login page, copy the popup window URL and close the popup;
    Example:

    https://login.microsoftonline.com/common/adminconsent?client_id=8ae378ee-xxxx-xxxx-xxxx-d543ea8d11a1&redirect_uri=https%3a%2f%2fapp-eu.junglemail365.com%2fPages%2fSettings%2fAzureAdAuthorization.aspx&state=SiteId%3dced91938-3108-4905-a6d9-5980f1734d2e%26IsReply%3d1

  7. Modify the URL: replace the word “common” in the address with the ID of your target tenant “B” (B2C) (the primary domain name should also work);
    Example:

    https://login.microsoftonline.com/c79cbfd4-xxxx-xxxx-xxxx-06719f085199/adminconsent?client_id=8ae378ee-xxxx-xxxx-xxxx-d543ea8d11a1&redirect_uri=https%3a%2f%2fapp-eu.junglemail365.com%2fPages%2fSettings%2fAzureAdAuthorization.aspx&state=SiteId%3dced91938-3108-4905-a6d9-5980f1734d2e%26IsReply%3d1

  8. Open the modified URL in a new tab of the same browser session;
  9. Provide the user credentials for activation (the user’s non-native tenant will be used);
  10. Complete the activation procedure and close the tab;
  11. Go back to JungleMail and refresh the page in the browser;
  12. Navigate to Create Newsletter, select “Office 365, AD groups” and verify that the connection works.
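
The URL edit in steps 6 and 7, as an added example (not JungleMail's own code): it swaps only the “common” path segment for the tenant, keeps the query string (client_id, redirect_uri, state) unchanged, and refuses a copied URL whose sign-in host, path or redirect host differs from the example above. The function name, the constructed tenant GUID and the default redirect host (taken from the example URL on this page) are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit, urlunsplit

LOGIN_HOST = "login.microsoftonline.com"
GUID_RE = re.compile(r"[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}", re.I)
DOMAIN_RE = re.compile(
    r"(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}", re.I)

# The "common" URL from the example above (client_id masked as on the page).
SAMPLE_URL = (
    "https://login.microsoftonline.com/common/adminconsent"
    "?client_id=8ae378ee-xxxx-xxxx-xxxx-d543ea8d11a1"
    "&redirect_uri=https%3a%2f%2fapp-eu.junglemail365.com%2fPages%2fSettings"
    "%2fAzureAdAuthorization.aspx"
    "&state=SiteId%3dced91938-3108-4905-a6d9-5980f1734d2e%26IsReply%3d1")
SAMPLE_TENANT = "11111111-2222-3333-4444-555555555555"  # constructed tenant ID


def retarget_consent_url(copied_url, tenant,
                         redirect_host="app-eu.junglemail365.com"):
    """Hypothetical helper: return copied_url aimed at `tenant`, or raise ValueError."""
    parts = urlsplit(copied_url.strip())
    if parts.scheme != "https" or parts.netloc.lower() != LOGIN_HOST:
        raise ValueError("not an https://login.microsoftonline.com URL")
    if parts.path != "/common/adminconsent":
        raise ValueError("path is not /common/adminconsent")
    # Tenant is either the Tenant ID (GUID) or the primary domain name.
    if not (GUID_RE.fullmatch(tenant) or DOMAIN_RE.fullmatch(tenant)):
        raise ValueError("tenant must be a GUID or a domain name")
    query = parse_qs(parts.query)
    for name in ("client_id", "redirect_uri", "state"):
        if len(query.get(name, [])) != 1:
            raise ValueError(f"expected exactly one {name} parameter")
    # Consent must return to the JungleMail page, not to some other host.
    redirect = urlsplit(query["redirect_uri"][0])
    if redirect.scheme != "https" or redirect.hostname != redirect_host:
        raise ValueError("redirect_uri does not point at the expected host")
    # Only the tenant segment changes; the query string is kept byte for byte.
    return urlunsplit((parts.scheme, parts.netloc,
                       f"/{tenant}/adminconsent", parts.query, ""))


if __name__ == "__main__":
    print(retarget_consent_url(SAMPLE_URL, SAMPLE_TENANT))
```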

Recommended setup

Since only one Azure AD connection per JungleMail Communication Site is possible, we recommend creating a separate Communication Site in JungleMail and activating the Azure AD B2C connection on this new site.
Learn more about how to create and manage a JungleMail Communication Site in this article.
This way, your internal newsletters will be sent and reviewed on your main JungleMail Communication Site, while external emails sent to Azure AD B2C recipients will be available on a separate JungleMail Communication Site.
