azure-ad-b2c

问题 I am trying to use the OAUTH-KV Claims Resolver to extract the value of a parameter named foo passed to an AAD B2C custom policy authorize endpoint as a claim, also named foo . The foo ClaimType is defined as <ClaimType Id="foo"> <DisplayName>Foo debug claim</DisplayName> <DataType>string</DataType> <UserInputType>TextBox</UserInputType> </ClaimType> and the TechnicalProfile as <TechnicalProfile Id="LocalAccount-Register"> <DisplayName>Register</DisplayName> <Protocol Name="Proprietary"

问题 We are testing MFA on Azure AD B2C using the sample found here: https://github.com/azure-ad-b2c/samples/tree/master/policies/mfa-unknown-devices We know it can be done via the Azure Portal, but it is not an option for us to give customers access to our tenant (customer self service). Previous posts pointed me to wait for an update from Graph API, and we are playing with the beta now: https://docs.microsoft.com/en-us/graph/api/resources/authenticationmethods-overview?view=graph-rest-beta

问题 I have an extension claim type say extension_isEmailVerified . I want to block user from login based on the value of this claim type. If it is true then user can login and if false then need to show an error message in the login page that your email is not verified. <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email"> <DisplayName>Local Account Signin</DisplayName> <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0

问题 I am trying to get list of Azure AD B2C users based on code sample provided Here. GraphServiceClient graphClient = new GraphServiceClient( authProvider ); var users = await graphClient.Users .Request() .GetAsync(); Which is loading users as expected when I try with .Net core console application or .Net core web application. But I need to load users in .net core class library project. (Azure function project to be specific). But same code in .net core class library throws below expection while

问题 I cannot resolve this error, i have a .net core web api, with a react application inside of it ( net core react template ) I have also added cors: services.AddCors(options => { options.AddPolicy("AllowMyOrigin", builder => builder.WithOrigins("https://localhost:44300") .AllowAnyHeader() .AllowAnyMethod() .AllowCredentials() ); }); I have tried multiple things but i cant get past this error. I have found loads of material online to try and nothing seems to work i feel like i am missing

问题 I have an Azure AD B2C tenant. I have created a (default) SignUpAndSignInPolicy and added a custom UI template for the sign-in page, the sign-up page and the reset-password page. All is working well except, on the sign-up page as well as on the reset-password page, the form input fields are always marked "invalid" on the initial load. This causes the error hint to be visible, although there was no user input yet into the form field. I want to have the same experience as on the sample page of

问题 I have an Azure AD B2C tenant. I have created a (default) SignUpAndSignInPolicy and added a custom UI template for the sign-in page, the sign-up page and the reset-password page. All is working well except, on the sign-up page as well as on the reset-password page, the form input fields are always marked "invalid" on the initial load. This causes the error hint to be visible, although there was no user input yet into the form field. I want to have the same experience as on the sample page of

问题 I have an Azure AD B2C tenant. I have created a (default) SignUpAndSignInPolicy and added a custom UI template for the sign-in page, the sign-up page and the reset-password page. All is working well except, on the sign-up page as well as on the reset-password page, the form input fields are always marked "invalid" on the initial load. This causes the error hint to be visible, although there was no user input yet into the form field. I want to have the same experience as on the sample page of

问题 After a user is authenticated into my Azure AD B2C web application, I attempt to retrieve User.Identity.Name ; however, it is null. Yet, User.Identity.m_instance_claims[9] , as shown in the screenshot below, does correctly have the name. How can this be? How can I get User.Identity.Name = User.Identity.m_instance_claims[9] ? (Note that the latter is a private variable, and it cannot be used as a substitute for User.Identity.Name . UPDATE I have also added the following to the Web.config file:

问题 The REST API call in an Azure AD B2C custom policy defines a fixed URL in the "ServiceUrl" field. The Graph API call for a read is of the form e.g.: .../users/objectID so the URL needs to be dynamic. You could add objectID as an input claim but how would it get into the URL? The output is a JSON object. I presume you could do a claims transformation on that to get a particular attribute defined in the output claim. Writing to the Graph API requires a PATCH but the custom policy REST API call