azure-ad-b2c

Why is Redirect URL Fully Qualified in Azure AD B2C?

限于喜欢 提交于 2019-11-27 05:35:44
Why does the redirect URL have to match completely? Wouldn't matching at the domain level be sufficient enough for proper security? What if I had hundreds of paths? example urls: https://myawesomesite.com https://myawesomesite.com/account/profile https://myawesomesite.com/games/fungame/points https://www.myawesomesite.com/games/fungame/points ... I would have to enter the 4 above redirect urls into my B2C app configuration. This is actually discussed in RFC 6819 "OAuth 2.0 Threat Model and Security Considerations" sections 4.1.5 , 4.2.4 and 5.2.3.5 . 4.1.5. Threat: Open Redirectors on Client

B2C - Open registrar form instead login form

馋奶兔 提交于 2019-11-27 04:54:39
问题 I am using Azure B2C authorization for my single app Azure functions. I allowing user to login with google account or with user name / password. In order to show login page I used msal library. Now I have a situation, where I want to show user the registration page directly, and not first the login page and then he have to click create new account. Is there a way to do it? with msal or a different library? 回答1: Nope, but you can create a "Sign up policy" and link directly to that. 来源: https:/

Azure AD B2C - Role management

倖福魔咒の 提交于 2019-11-27 03:59:59
I have an Asp.NET MVC Application connected with Azure AD B2C. In the Administrator settings I've created an Administrators Group: In my code I would like to use [Authorize(Roles = "Administrator")] With regular Azure Active Directory it was easy to add (just 3 lines of code). But for the Azure AD B2C I cannot find any tutorial or example in the web which is working. Maybe you can tell me what i need to modify. Here is the ConfigureAuth method of my Startup.Auth.cs public void ConfigureAuth(IAppBuilder app) { app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults

Azure Portal: Bad Request - Request Too Long

一曲冷凌霜 提交于 2019-11-27 02:40:21
问题 I just received the following error when I tried to run a built-in b2c edit policy from portal.azure.com. I have 2 tabs of the portal open. Why am I receiving this error? Bad Request - Request Too Long HTTP Error 400. The size of the request headers is too long. Note: I experienced this same error message when testing active-directory-b2c-dotnet-webapp-and-webapi sample project. The reason provided was I was sending too many cookies. Is it the same problem? If it is the same problem, shouldn

Sign-up policy - Set user attributes through code

孤人 提交于 2019-11-26 21:43:43
问题 I want to programatically set user attributes for the sign up policy. I saw a previous question (Pass parameters to Sign-up policy) asked over a year ago and it was not possible at the time. Any update on this? Is this possible with the AuthenticationProperties.Dictionary property? Something like this? HttpContext.GetOwinContext().Set("Policy", Startup.SignUpPolicyId); var authenticationProperties = new AuthenticationProperties(); authenticationProperties.Dictionary.Add("myattribute",

What's the difference between Azure AD B2C tenant and normal Azure AD tenant?

好久不见. 提交于 2019-11-26 21:19:14
问题 I've seen so many people are very confused about what we can do in Azure AD B2C tenant and the difference between a B2C tenant and normal Azure AD tenant. The main questions are: What's the difference between Azure AD B2C tenant and normal Azure AD tenant? Since I can even use some features in B2C tenant, such as Azure AD Connect, buy a new subscription in B2C tenant and use it and so on, Should I use these features? Why give me these features in the B2C tenant? Why not just use B2C in normal

Azure AD B2C pre-populate a custom attribute in the SignUp policy

和自甴很熟 提交于 2019-11-26 21:01:17
问题 Does Azure AD B2C support pre-populating a custom attribute in the SignUp Policy when called from the Web application (ASP.Net MVC)? We can create a custom SignUp attribute but we weren't able to find a specification in the documentation how to pass value to populate the custom attribute. If this is not supported out of the box, does anybody found a workaround? Here are some more details for the context in case somebody has faced a similar scenario and found a useful solution: We explore the

Which Graph API should be used with Azure AD B2C

ぐ巨炮叔叔 提交于 2019-11-26 19:02:24
We are looking at using Azure AD B2C in an application and I am confused about which package to use when working with Azure AD B2C. This question discusses the difference between the MSAL and ADAL library: MSAL or ADAL library for use with Azure AD B2C and Xamarin . In addition to that, there is now a warning on the Azure AD Graph API reference to instead use the Microsoft Graph API. None of the examples for B2C seem to use Microsoft Graph API and there appears to be no description of the level of support for Microsoft Graph with B2C. I need to be able to create users with custom attributes in

Azure AD B2C self service password reset link doesn't work

若如初见. 提交于 2019-11-26 13:07:47
问题 I have been able to properly setup sign-up/sign-in policy for a tenant I\'m testing. I have set the Reset Password property to allow everybody to reset their password using their email. Currently the user signs up using their email (also their username), first name, and last name. However, when I click on the \"I forgot my password\" link on the sign in page, it just redirects me back to the same page. Is there something I\'m missing here? 回答1: There are two different mechanisms for Password

Azure AD B2C - Role management

邮差的信 提交于 2019-11-26 10:59:32
问题 I have an Asp.NET MVC Application connected with Azure AD B2C. In the Administrator settings I\'ve created an Administrators Group: In my code I would like to use [Authorize(Roles = \"Administrator\")] With regular Azure Active Directory it was easy to add (just 3 lines of code). But for the Azure AD B2C I cannot find any tutorial or example in the web which is working. Maybe you can tell me what i need to modify. Here is the ConfigureAuth method of my Startup.Auth.cs public void
订阅 azure-ad-b2c