I followed the tutorial here to be able to ask user's consent and store it in the AD as custom extension (from what I did understood...)
The custom flow seems to work well (consents are asked during signup process) but then I want to verify them in the AD (and maybe delete them from the admin console for new tests) I did not found where I can see them...
I tried to retrieve them through MS Graph API explorer (I started in on my tenant on the URL https://developer.microsoft.com/en-us/graph/graph-explorer?tenant=xxxx.onmicrosoft.com) and I try to call the endpoint https://graph.microsoft.com/v1.0/users/ae29dab2-...-f4d813ca6dec/extensions but I get no extensions back...
Am I doing things right ? Is there another way to verify what are the current user's custom extensions ?
I think those extensions are well stored, because when I try to login again with the same user, no consents is asked anymore...
Thanks in advance for your help!
Try https://graph.microsoft.com/beta/users/UsersObjectId. It will return their extension attributes in the response.
Related
I'm using Azure B2C. I have a custom claim I want include on profile edit. This is the built in user flow for Profile Edit (B2C_1_ProfileEdit).
I go to Application claims, select my claim, and click Save I get an error message
"Unexpected error, please try again later"
No details were given in the error message.
What could this be? I'm not sure where to look to debug it? Any ideas?
I was about to create a support ticket with Microsoft today. Before I did that, I tried to update it again and it worked this time. Must have been an Azure problem !
i am building a website where you can get services for your Instagram account, i want to create a Search box that when you put your user name (e.g. "#John") it returns your profile picture and asks you if that is the correct profile (without logging in to your Instagram account),
I've found a website that made that possible already, does any one know how?!
the website - https://app.get-notch.com/acquisition/instagram-username
thank you in advance!
You should check out this resource that allows you to do that. See an implementation of it here and test it here.
I am trying the Azure ADB2C based on articles and videos. Followed the steps and I have configured the properties for user flows as well. When I click on the Run user flow, it opens up the sign up sign dialog, I add a user with the details. Once the user is added, it goes to my reply url https://jwt.ms.
Based on the url in the browser, I felt it should have worked. But for some reason, the boxes are shown empty.
The url that I see is...
https://jwt.ms/?code=eyJraWQiOiJjcGltY29yZV8wOTI1MjAxNSIsInZlciI6IjEuMCIsInppcCI6IkRlZmxhdGUiLCJzZXIiOiIxLjAifQ..EiDn2BjcA8xTRac1.2pNAFLdcbOupozfuKIC8T9VXmL4zz8iEisf6PsNyxDYzVJcl2vfwwrtMpqJvsC-xeSPyrHUgVpdblKiVfILllrOsWj7MJbTX0QNlzPEAItTGoRow3A2F4FWBR7Y28PQcxeZwa05SMpKhoNutdmnRq-usM7VMc0eYXjJ2JXTSc1piwYf14Na5We9arijagkmVvHFBDLDnjaVBUixEF5_dTGWAjnwAXRIII-plBZBoFZCZ2XtdSLu5LYWSJXBxuA5lqDaVN3OHLOP92VZkNRgB97UPIO3aSe9s44XEEGe5COpTWhzxoOXy53ydnCG8xZwYFKA_J54hGdKLGZrE-BYOW0sU7Dcevq1iwaBqJ3K3CwM6s9o6zCwsAf2pUlAuXYfwk8kA9SKi0fmNiUsSskWhUgiJTPSlqq_woWPGgX3JZpiHTDNbOCA5VUgToEYmDgReOb4M-MeCSCcKWb315vP3UPgzE1LpRet1AFMGqcNznUd8jkP39uaRdLDDP5VAZy7pmeN-GPQJYCcyfdJCRJc1yPoiRYM4SdBUecQTioRkZ95l0y1ANZ3yYSB6eAV_B83KL4EdSIM.e3NVLoGCNXgfloDFbzZimg
Could some one help me understand why the token is not being shown in the browser?
Please Note: The user is created with No issues. its just the reply of token that I see as issue.
Found the cause of the issue.
I had to enable the Implicit grant for both Access tokens and ID Tokens for the app I created.
I am not sure if I am on the right path, but I am attempting to retrieve my contacts within an Azure Function. I don't need to present a login as this is only for my account. I just want to be able to retrieve my Contacts from the Graph without having to explicitly authenticate. Is this possible? My attempts have failed and I ultimately get stuck trying to add permission...
When I click to add Permission, I get this error:
I am trying to use AAD to authenticate. I tried creating the function within the Portal and also from VS. Any suggestions? Thanks!!
You could follow the steps below to fix the issue.
1.Navigate to the Authentication / Authorization of your function app, click the red frame part like the screenshot.
Go to Manage Permissions -> Add -> select the Windows Azure Active Directory API and Sign in and read user profile permission
Then refresh the portal, it will work fine.
I'm working with Azure B2C from a MVC (4.6) WebApp. I've followed this guide to make it work and it's all good:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-web-dotnet
However, regarding the Edit Profile Policy, I need custom values coming from another system for a specific User profile property (i.e: Favorite Categories, coming from a custom Categories table). I don't want to add all the possible categories to the User profile property settings in the Azure portal, cos values can change frequently. So, couple of questions:
1- Is there a way to tell Azure AD B2C Edit profile policy, what are the values to use for a specific user profile property? (I don't think so)
2- Can I call the Edit Profile policy Endpoint to update the user profile? that way, I'd have a custom page with the user profile properties, and I will update the user from code. I've "fiddled" the MS page, and it's doing a post to a specific endpoint, but I'm not able to make it work from code. I've also tried a bunch of different things.
The only approach that seems will work is to call the Graph API from code, following this article (but it requires to register another App from PowerShell, and also, execute the action with an App Token, instead of the current logged user):
https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet
Any help would be very appreciate it.
Thanks a lot.
1- Is there a way to tell Azure AD B2C Edit profile policy, what are the values to use for a specific user profile property? (I don't think so)
No. All the users use the policy you config on the portal. We can create multiple profile edit policy and choose the right policy based on you business with custom code.
2- Can I call the Edit Profile policy Endpoint to update the user profile? that way, I'd have a custom page with the user profile properties, and I will update the user from code. I've "fiddled" the MS page, and it's doing a post to a specific endpoint, but I'm not able to make it work from code. I've also tried a bunch of different things.
No. It is impossible. As you mentioned, if you want to update the users profile programatically, the Azure AD Graph is recommend.
you not able use JS, but you able customize with css;
(enable cors to ms login domain on your web app etc)
see msdm docs all are desribed;
you able add custom properties in AD B2C to user sign up; so to edit profile should be possible too;
https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-ui-customization