I have created a prototype using ROPC custom policy in Azure AD B2C. It is currently marked as "Preview". Is there an approximate release date for this feature?
This feature has been working well during the preview.
Our plan is to GA this during the first quarter of 2019 (Jan-Mar). At this time we foresee no changes necessary before General Availability. Please provide any feedback on your experience to: aadb2cpreview#microsoft.com
Thank you,
Jose
Yes, this feature about the custom policy is already released by using the Identity Experience Framework. For the details, you could read here.
I need a method where I can destroy all user sessions after a product release forcing them to login.
It can be a manual step on the portal, I just need to be able to do it.
I can't find anything in the documentation, and the quite generic potential search terms only appear to provide solutions and approaches to different issues.
Is this possible and if so, can you point me in the direction?
Thanks
I have confirmed this with an Azure support engineer. Azure B2C doesn't support a feature that signs all users out.
I am trying to retrieve/change the MFA number on a B2C account programmatically. I don't really mind how it's done, and I am aware of this SO question - https://stackoverflow.com/a/40858874/243905 but that was asked a long time ago and I had hoped it was different now.
I find the B2C docs are a bit lacking in clarity on this information, and although I am able to query the users using the method detailed here: https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet
the object that is returned does not return the MFA details.
Is this possible through any means?
strongAuthenticationPhoneNumber can be issued in the resulting token, however it can't be edited using graph, for the moment. It's expected this capability will be available during the 2nd half of 2018.
As of today this appears to be working for Azure B2C. Microsoft Docs
There is an extra permission that the token will need: UserAuthenticationMethod.ReadWrite.All
Where can I find a list of all supported Azure AD B2C Custom Policy Claims Transformation Methods?
I have searched Google, Bing, DuckDuckGo and GitHub for such list, but can't find it.
And TrustFrameworkPolicy_0.3.0.0.xsd schema doesn't contain it.
https://github.com/Azure-Samples/active-directory-b2c-advanced-policies/blob/master/Documentation/Features%20part%206.md - does have an outdated list - some of the methods like AddParameterToStringCollection can't be used - the policy can't be imported when I use it.
No such list exists at this time. You should request it via the Azure AD B2C feedback forum.
Your best bet is to go through all the starter packs and see which transformations are included in those. While there might be others, if they are not referenced in the starter packs or docs, they are unsupported and not recommended for broad use.
Update!
We have released a full documentation of the schema here:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/claimstransformations
All elements of custom policies for B2C, also known as Identity Experience Framework or IEF, are published.
Can I create/update/delete policies via the graph api?
I've reviewed this sample and I don't see anything about policies.
No, not yet, but we recently just started working on this capability. If you are interested in helping us test this functionality when it eventually becomes available in preview, please send mail describing your scenario to AADB2CPreview#microsoft.com. (We might have a private preview that we would need to enable on your test tenant specifically, or we might go straight to public preview.)
The article https://developer.microsoft.com/en-us/graph/docs/concepts/deployments mentions the sovereign (national) cloud deployment in China only at the moment. What's the story for Germany?
The reason for asking is that there are AAD Login / AAD Graph endpoints specific to the German Cloud (see https://blogs.msdn.microsoft.com/azuregermany/2016/08/18/endpoints-in-microsoft-cloud-germany/, and verified), so there must be one for Microsoft Graph too, right?
Sorry for the delayed response. We just updated our documentation. Please see https://developer.microsoft.com/en-us/graph/docs/concepts/deployments.
Hope this helps,