azure-ad-b2c

问题 Since Microsoft Graph API doesn't have the feature to manage B2C AD Users, from one of the docs we have been asked to use ADAL which required to create a special application in the Azure AD B2C tenant. Created an application key to provide API access from the xamarin.ios app. AuthenticationContext authContext = new AuthenticationContext(authority); credential = new ClientCredential(clientId, GraphClientSecret); authResult = await authContext.AcquireTokenAsync(graphResourceUri, credential); At

问题 I'm using .NET Core, with Azure B2C Authentication. On the project I'm developing, I can find the @User.Identity.Name, but I cant find the C# object name/path for the other "built in" User Attributes such as @User.Identity.UserID , @User.Identity.firstTimeLogging, @User.Identity.firstName. These Attribute are enabled in Azure AD. Thank you for your time. 回答1: You can access custom claims by including them in the token sent to the app or by querying the Azure AD Graph API (not the Microsoft

问题 I'm using B2C custom policies for local and social accounts. I understand that with custom policies the password expires in 90 days and I can remove expiration for each user individually with this procedures: Azure AD B2C password expiration But I want to update the custom policy so new users have the no expiration behavior. How can I accomplish this? Thanks in advance! Germán 回答1: To disable expiration of passwords, you must set the passwordPolicies property of the user object to

问题 I did localisation in my custom policy, but in certain steps I'm calling REST API to validate some data. Response is coming in English, but now I need to translate that messages too as a part of localisation. Is there any way to do this in B2C? Here is the response I'm getting from API: { "userMessage": "Password is incorrect", "version":"1.0.0", "status:: 409, "code": "API12345", "requestId":"50f0bd91-2ff4-4b8f-828f-00f170519ddb", "developerMessage":"Verbose description of problem and how to

问题 From testing, it appears Validation Technical Profiles are only used when added to SelfAssserted Technical Profiles E.g the following: <TechnicalProfile Id="ExternalIDP"> <DisplayName>Some External IdP</DisplayName> <Protocol Name="OpenIdConnect" /> <Metadata> <!-- ... --> </Metadata> <OutputClaims> <!-- ... --> </OutputClaims> <ValidationTechnicalProfiles> <ValidationTechnicalProfile ReferenceId="FETCH-MORE-CLAIMS" /> </ValidationTechnicalProfiles> </TechnicalProfile> does not appear to call

问题 I am leading a large team of azure functions developers. So, most of the examples quoted by Microsoft using the azure web interface don't work for me. I am developing Azure functions locally using emulators to save some costs. I publish all my functions through visual studio into my integration environment. I am developing a bunch of azure functions that need the api gateway to handle the authentication workflows using Azure AD B2C. Now, there's no api gateway emulator or an Azure AD B2C

问题 While using loginRedirect() OR acquireTokenRedirect() , I am getting below given error: redirect_uri_mismatch:AADB2C90006%3a The redirect URI 'http%3a%2f%2flocalhost%3a4200%2fsubscription' provided in the request is not registered for the client id 'blah-blah-blah'. Correlation ID%3a 29978079-45a7-4f85-a9bf-4cde9d3adc84 Timestamp%3a 2017-09-29 05%3a32%3a22Z Note: client id is same which I am using in my tenant config as well as configured in Azure. Please let me know why I am getting a

问题 Is it possible to secure a Web API in an App Service within Azure, using the built in Authentication/Authorization options and at the same time access it using the OAuth Client Credential Grant flow? I have an app service being authenticated with Azure AD B2C. In that B2C tenant I have the web app/API registered and authentication working fine for using the web app. I added a scope in the Published Scopes section of that AD B2C app and also added an App ID URI for that scope. Then I created

问题 I am using starter pack of custom polices with SocialAndLocalAccounts pack. It is working fine for me. But I am facing one issue.I need to get email as claim after successfully login. I am getting email as claim, once user has been been signed-up and redirects back immediately to application. but I am not getting it when a user simply signs-in. How can I get that? where do I need to write an Output Claim to get the value of email in claim? Kindly help me. Thanks 回答1: Following describes how

问题 How can I request an Access Token in Postman against an Azure AD B2C tenant? I tried taking the url from Run Now in the Azure portal and putting that in the Auth Url but that produces the following error: Update Following Chris's answer, I'm now past the above error. I'm able to sign-in but still can't get an access token: AADB2C90085: The service has encountered an internal error. Please reauthenticate and try again. Correlation ID: 45c56d47-4739-465f-8e02-49ba5b3a1b86 Timestamp: 2017-11-16