Password reset flow Azure AD B2C - azure

In an Azure AD B2C password reset policy, once the user provides an email and enters the verification code, they can change the email or update the password. How can I disable the option to change the email and only give the ability to change the password? Any help would be appreciated.

The only way is to use CSS to hide the element.
Navigate to Page layouts, and then under Forgot password page, click Yes for Use custom page content. You can refer to the documentation on customizing the UI.
Add this code to the xxx.css (sample) of the reset password page.
    #email_ver_but_edit {
        display: none;
    }

Related

Azure B2C prevent email address change after Home Realm Discovery

I have managed to get the modern Home Realm Discovery (HRD) policy working with our directory and several federated IdPs. However, there is a loophole that I would like to be able to close. If a non-federated domain email is used, the user is then forwarded on to Local Account login with username (i.e., email) and password, but the email value can still be changed, including to one using a federated domain. Also, the Forgot Password dialog does not seem to pre-populate the email address so it can, again, be changed to any email address. Finally, even after verifying the email, there is the "Change Email" option.
I would like to be able to either:
1. Lock in the entered email after HRD "failure" until the user completes or cancels the login,
2. Detect any changes to an email address in a known federated customer domain and send them back into the federated flow, or...
3. Detect such changes and just error out.
Any ideas how to make this work? I did a little experimenting with the readOnlyEmail examples I saw but either something complained that it did not exist (like ParseDomain) or it was still rendered as a mutable field rather than read-only.
-GBS
• Yes, you can prevent the email ID from being changed, even after the email is verified in the ‘home realm discovery’ step, by hiding the change-email option or greying it out after the email is entered for the verification step. You can do this by adding the CSS entry below to your HRD-enabled HTML page by customizing your HTML page template.
    <style type="text/css">
    .changeClaims
    {
        visibility: hidden;
    }
    </style>
To customize your HRD-enabled sign-in and sign-up HTML page with the above entry, please refer to the documentation link below for detailed information. From the link below, download the default HTML page and modify it with the above entry in the appropriate location, then save it in the repository from which you serve the HTML files, modify the custom policy accordingly, i.e., with the ‘api.signin or signup’ content definition building blocks, and save it.
https://learn.microsoft.com/en-us/azure/active-directory-b2c/customize-ui-with-html?pivots=b2c-custom-policy
By following the steps in the above link, you will be able to customize your HRD-enabled sign-in and sign-up page and also grey out the change email option. Also, to complete the prerequisites for it and for the options regarding changing the email, please refer to the link below:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-password-reset-policy?pivots=b2c-custom-policy#hide-the-change-email-button
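The CSS above hides the control in the browser; options 2 and 3 in the question call for a check that runs server-side. As an added example (not part of the original answer, and not Azure AD B2C's own code), the function below makes that decision the way a REST API called as a validation step from a custom policy could. The domain list, the function names and the two input values are assumptions, and the 409 body follows the error format B2C shows to the user from a REST validation call.

```python
from __future__ import annotations

# Constructed sample list of domains that must use a federated IdP (assumption).
FEDERATED_DOMAINS = {"contoso.example", "fabrikam.example"}


def email_domain(email: str) -> str | None:
    """Return the lower-cased domain of an address, or None if malformed."""
    local, sep, domain = email.strip().rpartition("@")
    domain = domain.rstrip(".").lower()
    if not sep or not local or not domain or "@" in local:
        return None
    return domain


def is_federated(domain: str) -> bool:
    """Match a federated domain or any of its subdomains (assumed policy)."""
    return any(domain == d or domain.endswith("." + d) for d in FEDERATED_DOMAINS)


def _reject(message: str) -> tuple[int, dict]:
    # Error shape B2C displays when a REST validation call returns 409.
    return 409, {"version": "1.0.0", "status": 409, "userMessage": message}


def validate_local_login(hrd_email: str, login_email: str) -> tuple[int, dict]:
    """Decide whether the local-account or reset step may proceed.

    hrd_email   - address typed at the HRD step (hypothetical input claim)
    login_email - address submitted with the password or reset form
    """
    hrd_dom, login_dom = email_domain(hrd_email), email_domain(login_email)
    if hrd_dom is None or login_dom is None:
        return _reject("Enter a valid email address.")
    # Option 3 from the question: a federated domain never reaches local login.
    if is_federated(login_dom):
        return _reject("This domain signs in through its organization. Start over.")
    # Option 1: the address is locked to what was entered at HRD.
    if hrd_email.strip().lower() != login_email.strip().lower():
        return _reject("The email address was changed. Start over.")
    return 200, {}
```
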

How to remove textbox autofill on email and password in AD B2C custom policies

Is there a way to remove autofill from the email and password fields in AD B2C with custom policies?
Thank you rbrayb for the comment.
It seems to be browser functionality. No way to restrict this from the AAD B2C custom policy.
Clear the cache and history, and clear saved passwords and email IDs in the browser.
Also, instead of autocomplete="off", use autocomplete="false" on Chrome.

Azure AD B2C - Password Reset custom page layout HTML after emailed code

I've personalized a user flow to use an HTML page and it works very well. I've also added it to the login user flow.
My problem is when the user goes to the reset password flow (that is right), sends the code to their email and clicks "Continue". The page after, where the user inputs the new password, doesn't have the HTML that I've personalized and I can't find where I can set it.
Thanks for any help!
So, I've found it!
On Page Layout there are multiple Layouts associated with the User Flow.
I just added the custom page to the Layout Change password page and that's it.

Default text modification in Azure AD B2C custom policy

In Azure AD B2C passwordless with email authentication/password reset (custom policy), first we need to enter the email address, and the default text is "Verification is necessary. Please click Send button". But after entering the email address, it lands on a second page where we need to enter the OTP, and the message "Verification is necessary. Please click Send button." also appears on the second page.
How can I remove it from the second page?
I am using this sample.
Just remove
    display: block !important;
from the div#email_intro CSS.

Customize Reset password screen

I have an application registered in Azure AD B2C. When a new user logs in for the very first time, he is redirected to the attached screen for updating the password. The issue here is that the user does not know what combination of password he needs to input until a specific combination works.
I need to customize this screen to display a user-friendly label telling the user what combination of password he/she needs to enter on this screen.
With AAD B2C you can customize the user interface, including the sign-up/sign-in, profile editing and password resetting experiences. This documentation outlines how to do the UX customization, test out the templates in the portal and has a few tutorials on setting it up.
Here are the specifics on password rule enforcement.
