How to configure SMTP for Azure AD B2C custom emails? - azure

I wan to send customized email for SSO via AD B2C. I see that the documentation covers sending custom email via third party providers or via SSPR Technical profile. I'm trying to use the SSPR technical profile.
However, there is no reference as to how the email is sent to the customer. It doesn't explain how the SMTP is configured for AD B2C to be able to send an email from our customized email address. Can someone point of how SMTP is configured for Azure AD B2C.
The documentation for third party emails also don't cover how do we set SMTP configuration.

There is no SMTP.
The SSPR Technical profile uses Azure to send emails. It's all done in the back end.
Similarly, for third parties.

Related

Can we customize SMS Template for Azure AD B2C OTP

Can we customize SMS Template for Azure AD B2C OTP?
Currently the default template looks like below:
"Use verification code xxxxx for [System name]"
Is it possible to change the template for the SMS?
 if you want to use the custom SMS template within B2C, you have to use an external mail provider. The built in email verification has a separate combined OTP and mail provider service that is not able to be decoupled.
Integrate a custom SMS provider in Azure Active Directory B2C (Azure AD B2C) to customized SMS' to users that perform multi factor authentication to your application. By using DisplayControls (currently in preview) and a third-party SMS provider, you can use your own contextualised SMS message, custom Phone Number, as well as support localization and custom one-time password (OTP) settings.
Custom SMS integration requires the use of a third-party SMS provider such as Twilio or your own custom SMS provider.
Check this for more information Custom SMS verification in Azure Active Directory B2C

How to send email code to secondary email (otherMails) in AzureAD B2C

Is it possible to send verification email code to secondary email address (otherMails or alternate email attribute in azure AAD) via azure B2C custom policy?
Currently, customization of the email address is not supported. Azure AD B2C just supports basic customization of emails sent by Azure AD B2C.
You could vote for the feedback here. Please see this similar issue.

2-step authentication to Gmail from Azure App service

I have a Spring boot application run on Azure App Service, from which I want to send emails to users.
I can already do that with a gmail account I created myself, I just needed to turn on "allow less secure apps" feature.
However, I'm required to use another gmail account which belongs to a organization and thus is forced to use 2-step verification as per the organization policy.
Is it possible to complete the 2-step verification process from Azure's App service? What other options do I have?
Is it possible to complete the 2-step verification process from Azure's App service?
In short, we couldn't do that from Azure's App service directly with you gmail account.
From goolge document we could know
that 2-Step Verification adds an extra layer of security to your users' managed Google accounts by requiring them to enter a verification code in addition to their username and password when signing in to their account.
In your case, according to your organization policy the google account is forced to enable 2-Step Verification. Based on my understanding, we can't do from the Azure's App service directly.
What other options do I have?
Based on my experince, you could registry a SendGrid account with your organization gmail account. Then you could use sendgrid to send the email to other users. Then other users could get the email from the organization gmail account but maybe there is no sent mails in the organization gmail account. More detail please refer to How to Send Email Using SendGrid with Azure.
Note: I don't test it on my side.

How to get email address from Azure AD B2C authentication?

I am trying to get Azure AD B2C to get the users email address but I don't see anything in the token that provides it, even though my signin/signup policy makes a "claim" on the users email address. How do you do I get the email address? More generally, is there any documentation other than the samples that explains how this service is intended to work?
Under application claims, check Email Addresses.
Here's some documentation about selecting claims/setup.

Is it possible to provide a passwordless login via email (like Slack's magic log-in links) using AAD B2C?

I would like to have the administrator of my app create users in Azure AD B2C and then have Azure AD B2C send a passwordless link to the user via email or pass me the link so that I can send it via email. Is this possible via the existing service or API?
This article helps explain the concept using Auth0:
https://auth0.com/docs/connections/passwordless/regular-web-app-email-link
I asked Swaroop Krishnamurthy (#swaroop_kmurthy) this same question via Twitter and received this response from him on 9/8/2016, "#keithdholloway this is on our roadmap but a bit further out than the near term."
No.
There is no support for this, developer must use AD B2C Policy for Authentication, always via a WebView.
I went to a meetup yesterday about Azure AD B2C Custom Policies. I asked the speaker if he knew if they could handle passwordless login, like entering your email address on an MFD then getting a popup on your mobile app to approve/deny but he wasn't sure. Later on he sent me Azure Active Directory B2C: Custom CIAM User Journeys - Multi factor authentication enhancements. From this it looks like Azure AD B2C: TOTP multi-factor authentication may have some useful examples.

Resources