azure-ad-b2c

Azure Active Directory - Custom Policy Error

筅森魡賤 posted on 2019-12-12 04:04:27
Question: I've set up a Custom Policy in Azure AD B2C following the guide provided here: https://docs.microsoft.com/azure/active-directory-b2c/active-directory-b2c-setup-sf-app-custom I've actually set up the IdP as SSOCircle instead of SalesForce, and this seems to work until the redirection to the Service Provider Assertion Consumer Url of https://login.microsoftonline.com/te/TENANT.onmicrosoft.com/B2C_1A_TrustFrameworkBase/samlp/sso/assertionconsumer I've added Application Insights in order to

Configurable token lifetimes in Azure Active Directory

半腔热情 posted on 2019-12-12 02:44:26
Question: I could not assign TokenLifetimePolicy Azure AD application policy from PowerShell. I had an error BadRequest : Message: Open navigation properties are not supported on OpenTypes.Property name: 'policies I am trying to implement token expiry time from Configurable token lifetimes in Azure Active Directory. See screenshot below; any useful links and solutions on the AzureAD cmdlet Add-AzureADApplicationPolicy are welcome. Answer 1: I made it work by only using New-AzureADPolicy cmdlet and setting

Is iDP initiated SSO supported with a custom SAML iDP in Azure AD B2C?

限于喜欢 posted on 2019-12-11 18:44:24
Question: I am working on adding a custom SAML 2.0 identity provider (Okta) to use with my B2C tenant. I have configured it and it works great when I initiate the login from my application. However, when I initiate the login from the identity provider (Okta) it fails to log in. On the first attempt I received this error from B2C: "does not specify first step or the first step is not a claims exchange". As a result of this error, I removed the extra claims providers from the custom policy so the

Create Azure Active Directory, database schema and populate user data

吃可爱长大的小学妹 posted on 2019-12-11 18:39:45
Question: I have an on-premises database, and I need to use Azure AD B2C. AD B2C needs to use data from the on-premises database. So one way to implement it is to create a new Azure AD from the on-premises database. The question is how I should go about creating a new Azure AD, importing the database schema into the new Azure AD, and populating user data. Is my thinking above correct? Update: When set up, we migrate data first, then after migration, we need a sync job to sync the data maybe once every few

Azure AD B2C Policy with Identity Providers not working

淺唱寂寞╮ posted on 2019-12-11 18:39:36
Question: I have created a policy that internally uses an identity provider. On clicking Run now I see the error below: http://localhost:3000/#error=server_error&error_description=AADB2C%3a+An+exception+has+occurred.%0d%0aCorrelation+ID%3a+84fa6f8d-6aac-4588-9d26-fd987c31ebc0%0d%0aTimestamp%3a+2018-10-13+05%3a26%3a26Z%0d%0a I am using an inbuilt policy. The policy uses an identity provider that connects to another Azure AD. The reply URLs on the AD's application are set the same. What could be the issue here?

404 Not Found error via resource owner password credentials flow in Azure AD B2C

大兔子大兔子 posted on 2019-12-11 17:32:26
Question: I got the error below after following the example below: https://docs.microsoft.com/en-gb/azure/active-directory-b2c/configure-ropc HTTP/1.1 404 Not Found Cache-Control: private Content-Type: text/html Server: Microsoft-IIS/10.0 X-Frame-Options: DENY Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block 404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or

500 Internal Server Error in Azure AD B2C

血红的双手。 posted on 2019-12-11 16:39:18
Question: When I try to execute my sign-up policy I'm receiving: Why? Answer 1: I was trying to display the field but I hadn't defined the <UserInputType> node. <ClaimType Id="extension_HelloWorld"> <DisplayName>Hello World</DisplayName> <DataType>string</DataType> <DefaultPartnerClaimTypes> <Protocol Name="OAuth2" PartnerClaimType="HelloWorld" /> <Protocol Name="OpenIdConnect" PartnerClaimType="HelloWorld" /> </DefaultPartnerClaimTypes> <!-- I had the following line commented out --> <!--<UserInputType

Azure AD B2C Token returns name but User.Identity.Name is null

二次信任 posted on 2019-12-11 16:20:01
Question: I have an Azure AD B2C token that seems to be correctly returning the currently logged-in user's name. Here is a screenshot from jwt.ms which I am using to decode the token returned by the application after I have logged in: However, then I attempt to use @User.Identity.Name in my _Layout.cshtml. Why is it null? Shouldn't it be equal to the "name" value in the screenshot? Answer 1: It turned out I was missing the line marked by the comments: app.UseOpenIdConnectAuthentication( new

Azure B2C EditProfile custom policy without Signing In first

*爱你&永不变心* posted on 2019-12-11 16:06:51
Question: Right now the ProfileEdit.xml file that comes with active-directory-b2c-custom-policy-starterpack asks the user to sign in before actually letting them get to the Edit Profile page. The use case I'm trying to accomplish is a little bit different. The user is already signed in to the app and there's a button Edit Profile that when clicked will take the user to the Edit Profile page. That is, there should be no Sign in again. My app allows the user to sign in using: Facebook and Local Account

403 Forbidden when using client managed authentication on Azure App Service

和自甴很熟 posted on 2019-12-11 15:25:52
Question: I've been working on a multi-app project for a few months now using Azure App Service for my database and ADD B2C for authentication. There are three applications in this project: an admin WPF app, a client web app, and an employee WPF app. All three applications use client managed authentication with my B2C tenant by getting a token from B2C and using that token to login to the App Service database. Everything has been working fine until seemingly overnight I am no longer able to