We are currently using the B2C_1_SignInNative User Flow in an Android and iOS app. That user flow has a User Name and Password UI as well as a "Don't have an account? Sign up now" optional flow.
We are using the out of the box customisation capability to show a custom wrapping page into which the standard UI is injected. This has served us well while the app has only been available as private release however we will soon be moving to public app store so will be inviting users outside of the app and the app B2C flow will be sign in only.
We'd like to remove the "Sign up now" flow from existing installs. Is it possible to remove that? Alternatively are we allowed to add some custom CSS to our wrapping page to hide the link?
UPDATE
So we definitely can add some custom CSS to hide the "Sign up now" action but unfortunately the page and contents are cached in the app browser. We are relying on the Microsoft.Identity.Client library to show the browser UI
It seems that you are using a "Sign up and sign in" flow.
In order to not have the "Sign up now" option, you can create a "Sign In" only flow by selecting one of the bellow during flow creation:
Related
In azure b2c, I have a standard "Sign up v2" user flow with multiple providers including local accounts.
When I navigate to the signup page and click on "email address" (meaning signup with a new local account) it redirects me to the correct local signup page but the standard fields (email, password, etc) do not get added to the page. There are no errors in the javascript console or network access failures.
The setup in question has a custom "idp selection page", a custom "local account signup page" and javascript layout turned on in the user flow. Neither custom page has any javascript so nothing gets altered on the page (although I do need to add some). It works as expected when I turn javascript off, use a standard idp selection page or use a standard local account signup page.
The most interesting observation I have is in the fail case the url used when "email" is clicked is in the form:
https://<custom page domain name>/tenant name>.onmicrosoft.com/B2C_1_signup/api/ClaimsProviderSelection/selected?accountId=SignUpWithLogonEmailExchange
In the cases that succeed the url is in the form:
https://<tenant name>.b2clogin.com/<tenant name>.onmicrosoft.com/B2C_1_signup/api/ClaimsProviderSelection/selected?accountId=SignUpWithLogonEmailExchange
The navigation that occurs when the user clicks on the "email" button seems outside of the control of the configuration options, it seems to be completely internal.
To be clear, in the case where I have a custom idp selection page and standard local signup page and the case where I have a standard idp selection age and custom local signup page the url is in the form
https://<tenant name>.b2clogin.com/<tenant name>.onmicrosoft.com/B2C_1_signup/api/ClaimsProviderSelection/selected?accountId=SignUpWithLogonEmailExchange
Its only when both are custom and javascript is on that it uses the custom page domain.
Any idea where I can look to fix or get more details on this?
I'm working with actions on google and dialogflow, and recently they proposed google signin to make account linking fast without writing own oauth server.
Today I implemented their google signin in my dialogflow app it is working quite fine but unfortunately I am unable to delete that account to check all development aspects, I tried my other google accounts and my friends account but soon ended up out of accounts
Un other methods when i enable and disable testing it forget about linking but in google signin it is tightly stick with the account, and i have tried almost everything i can try like restarting my phone and clearing cache of chrome browser but it looks like it is saving account somewhere in cloud.
What i need to do is, when i sign in first time it ask for name permission, i need that screen again and again for testing something
Google calls this Removing a Website or App that has access to your account. It is done using the myaccount.google.com console.
If you want to do this using Android, the easiest way is to:
Open your device's Settings app Settings app and then Google and then Google Account.
At the top, tap Security.
Under "Signing in to other sites," tap Signing in with Google.
Tap the name of your project.
Choose Remove access.
Through the web, you can go to Apps With Access to your Accounts:
Scroll down to the "Signing in with Google" section
Locate your project.
Select it, and choose "Remove access"
The name that is shown should be the name you've given to your project as part of the OAuth screen. If you haven't set that up (and if you're just playing around, you probably haven't), it will use the Project ID for your project. You can find this on the Cloud Console home screen attached to the same project name that you used in Dialogflow and the Action Console.
While you're in there, you will probably want to configure the OAuth screen to have a name for the app as it will be visible to users on the OAuth screen. From the menu, select "APIs & Services" and then "Credentials"
Select the "OAuth consent screen" tab, and fill in the "Application name".
This name should then be in the list of applications you have installed, and can remove.
My web app doesn't need signup feature. So i am only looking for signin. So i didn't setup anything under signup or sign policies.
I am trying to add custom login page to signin policy in Azure AD B2C. I selected Local Account SignIn as Identity provider. But the option Page UI Customization is not enabled and a lock symbol is shown. There is no validation message or information or tooltip explaining what should i do to unlock this feature. But this feature is enabled under signup or sign policies blade.
Can somebody help me with this.
As stated on the UI customization docs page, sign-in pages (in sign-in and profile edit policies) can only be customized using the company branding feature. The question that spottedmahn linked to in the comments (about changing default picture) provides some useful steps.
UPDATE #2: I am retracting my update of "hiding" the link on sign-up/sign-in. That's because if you just hide the link, a user can still make a call to the signup endpoint directly and create a user account. This is not possible through sign-in policy.
I would suggest using the "Sign-up or sign-in" policy for this, and provide a custom template with you own CSS that hides the sign up link:
.create{
display: none
}
'create' is the name of the CSS class used for the signup link.
In the default signin policy, an Enter keypress triggers the actual signin action. However, when I create my own custom policy (using the selfAsserted-form as a basis, it doesn't work. With the custom policy, the user needs to either click the Continue button or use tab to move focus onto the button and then press Enter. Everything else works just as I'd like it to, but this seems like such an inconvenience.
Any idea why this might happen? Has someone else encountered this and found a solution?
This would be easy to fix manually, if it was
possible to include custom JavaScript code in the "template" HTML file that the Azure AD B2C injects the policy-complying form into. However, this doesn't seem to yet be possible either (as stated here ).
I am currently trying to customise the Azure B2C Sign-In page and it seems quite restrictive. For starters the sign-in policies unlike some of the other policies does not give the option of adding a custom page to Page UI customization for “Local account sign-in page”.
enter image description here
When I try to customise the sign-in page through the classic portal I am unable to add text to the Password placeholder although I am able to change the username/email place holder text by changing the User ID Placeholder field.
enter image description here
I would also like to change the text "Can't access your account" to "Forgot your password".
Use the "Sign up & Sign In" policy for this, this is a newer type of policy, which has more of the customizations features you are asking for.
It's on the backlog of the team to fix this I was told, but the focus was on the newer policies.
For the password placeholder we had the same problem, localization isn't available yet, and there is no way to change the password label at this moment.
Since the service is GA for a few days, we'll have to wait for the new features