Azure AD B2C - Change application in Sign-Up/Sign-In policy

I have an existing Sign-Up/Sign-In policy and I want to change the Application that it is associated with. When I select the new Application that I want in the drop-down, the change does not get saved (i.e. it reverts back to what it was previously). I don't see a save button either. I've tried editing the policy and hitting the save button in that window as well as pressing the Run now button but no luck. Am I overlooking something?

The B2C Policy run screen does not save your last known run profile. This page is to test your policy, and as such will reset all application, domain, reply URL, etc. settings each time.

Policies can be run against all applications.
The run now screenshot you have demonstrates this.

Related

How to tune PasswordReset custom policy

I am a newbie in Azure AD B2C custom policies. Currently I am trying to understand whether it is possible to redefine the LocalAccount PasswordReset custom policy from the starterpack in the way shown in the picture: Desired journey
Requirements are:
1. 1st screen: exclude the separate SendCode button, making the Continue button responsible for both sending the code and moving to the next screen if the code was sent;
2. 2nd screen: lock email, provide a VerifyCode field, with the Continue button responsible for both verifying the code and moving to the next screen if the code was verified;
3. 3rd screen: standard screen with newPassword, reenterPassword and Continue button as in the starterpack.
I really hope you can help.
Yes, you can surely create the password reset setup as you desire in the diagram attached in your post. For this purpose, you will have to edit the ‘Trustframeworkextensions.xml’ file with that given in the link below:
https://github.com/azure-ad-b2c/samples/commit/7669af06637550739e845b7ad42211a3a412658d
In the link above, the ‘SplitEmailVerificationAndSignup_TrustFrameworkExtensions.xml’ file must be uploaded and used in the Azure AD B2C Identity Experience Framework custom policies list. In this file, you will have to edit the ‘Technical Profile’ section with ID ‘LocalAccountSignUpWithReadOnlyEmail’. In that, you will have to remove the ‘OutputClaim’ for ‘objectId’, ‘displayName’, ‘givenName’, ‘surName’, ‘newUser’ and ‘authenticationSource’ from the said ‘TechnicalProfile’. Else, let all other details be the same and then upload the policy and try testing the user flow. It will give you the same result screen as expected by you.
Also, ensure that the ‘SplitEmailVerificationandSignup.xml’ file is also uploaded such that the references for other policy files are found correctly.
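The edit described in the answer above, scripted so that only the named technical profile is touched. This is an added example, not code from the linked sample or from the answer's author: the policy fragment is constructed, the function names are hypothetical, and claim names are compared case-insensitively because the answer's spelling may differ in case from the policy file.

```python
import xml.etree.ElementTree as ET

NS = "http://schemas.microsoft.com/online/cpim/schemas/2013/06"  # B2C custom policy namespace
ET.register_namespace("", NS)  # keep the default namespace on output (no ns0: prefixes)

PROFILE_ID = "LocalAccountSignUpWithReadOnlyEmail"
# Claims the answer says to remove, lower-cased for case-insensitive comparison.
DROP = {"objectid", "displayname", "givenname", "surname", "newuser", "authenticationsource"}

# Constructed sample policy fragment (not the contents of the linked sample file).
SAMPLE = f"""<TrustFrameworkPolicy xmlns="{NS}"><ClaimsProviders><ClaimsProvider><TechnicalProfiles>
  <TechnicalProfile Id="{PROFILE_ID}">
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="objectId" /><OutputClaim ClaimTypeReferenceId="email" />
      <OutputClaim ClaimTypeReferenceId="displayName" /><OutputClaim ClaimTypeReferenceId="givenName" />
      <OutputClaim ClaimTypeReferenceId="surname" /><OutputClaim ClaimTypeReferenceId="newUser" />
      <OutputClaim ClaimTypeReferenceId="authenticationSource" />
    </OutputClaims>
  </TechnicalProfile>
  <TechnicalProfile Id="OtherProfile">
    <OutputClaims><OutputClaim ClaimTypeReferenceId="objectId" /></OutputClaims>
  </TechnicalProfile>
</TechnicalProfiles></ClaimsProvider></ClaimsProviders></TrustFrameworkPolicy>"""

def output_claims(root, profile_id):
    """Return the OutputClaim reference ids of one TechnicalProfile, in document order."""
    return [c.get("ClaimTypeReferenceId")
            for tp in root.iter(f"{{{NS}}}TechnicalProfile") if tp.get("Id") == profile_id
            for c in tp.iterfind(f"{{{NS}}}OutputClaims/{{{NS}}}OutputClaim")]

def strip_output_claims(policy_xml, profile_id=PROFILE_ID, drop=DROP):
    """Remove the listed OutputClaims from the named profile only; return (xml, removed)."""
    root = ET.fromstring(policy_xml)
    profiles = [tp for tp in root.iter(f"{{{NS}}}TechnicalProfile") if tp.get("Id") == profile_id]
    if not profiles:
        raise ValueError(f"TechnicalProfile {profile_id!r} not found")
    removed = []
    for tp in profiles:
        for container in tp.findall(f"{{{NS}}}OutputClaims"):
            for claim in list(container):  # copy: the container is mutated while looping
                ref = claim.get("ClaimTypeReferenceId") or ""
                if ref.lower() in drop:
                    container.remove(claim)
                    removed.append(ref)
    return ET.tostring(root, encoding="unicode"), removed

if __name__ == "__main__":
    new_xml, removed = strip_output_claims(SAMPLE)
    print("removed:", removed, "kept:", output_claims(ET.fromstring(new_xml), PROFILE_ID))
```

Reviewing the `removed` list before uploading confirms that no other technical profile lost its `objectId` output claim.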

Azure B2C EditProfile custom policy without Signing In first

Right now the ProfileEdit.xml file that comes with active-directory-b2c-custom-policy-starterpack asks the user to sign in before actually letting them get to the Edit Profile page.
The use case I'm trying to accomplish is a little bit different. The user is already signed in to the app and there's a button Edit Profile that when clicked will take the user to the Edit Profile page. That is, there should be no Sign in again.
My app allows the user to sign in using: Facebook and Local Account Signin. The custom ProfileEdit B2C policy should know which one the user used to login and just redirect the user to the ProfileEdit policy directly.
I tried messing up with the ProfileEdit Technical Profile but the mods I did didn't work.
Can anyone more experienced with Azure B2C custom policies let me know how to achieve this?
This is normal, imagine someone got to the profile edit link and bookmarked it. Then logged out. Then launched profile edit -> you need them to login, otherwise things break.
So this is actually working perfectly already, just that you will get Single Sign On, such that once you have used the Sign In journey, the Profile Edit journey will skip the sign in step.
You can test it like this:
1. Open a new browser, and use the sign in journey, login and complete.
2. Open a new tab, and paste the Profile Edit link, remove the prompt=login query parameter.
3. Execute the link, you are taken straight to modifying your profile page, rather than seeing a sign in page.

Using enter key to signin a user when using custom policy in Azure AD B2C

In the default signin policy, an Enter keypress triggers the actual signin action. However, when I create my own custom policy (using the selfAsserted-form as a basis), it doesn't work. With the custom policy, the user needs to either click the Continue button or use tab to move focus onto the button and then press Enter. Everything else works just as I'd like it to, but this seems like such an inconvenience.
Any idea why this might happen? Has someone else encountered this and found a solution?
This would be easy to fix manually, if it was possible to include custom JavaScript code in the "template" HTML file that the Azure AD B2C injects the policy-complying form into. However, this doesn't seem to yet be possible either (as stated here).

Buildfire - Is there a way to direct people to another tab within the admin dashboard?

In my admin dashboard I have a custom tab that is used for displaying access requests made by users within the widget. I give the admin some options in this custom tab. One of these options is to grant the request. When the admin grants the requests however, they must then assign the user that requested access to a plugin so they can be redirected in the future.
I have this functionality set up in another tab and don't really want to replicate it in this custom tab if I don't have to. Is there any way to, on clicking of the grant access button, send the admin to the other tab with some data from the previous tab?
Unfortunately there is no navigate-to-tab feature. However, you can actually navigate to another page directly, which will take you there under the same tab (not ideal but will get the job done).
Or a much cleaner solution would be building a SPA architecture like the People or Places plugin with virtual tabs and breadcrumbs
https://github.com/BuildFire/sdk/wiki/How-to-use-Breadcrumbs
ref:
https://github.com/BuildFire/peoplePlugin
https://github.com/BuildFire/placesPlugin
Hope this helps

SharePoint caches incorrect credentials

Every morning when I fire up my VM and IE (in my host OS) and go to my SP site it always logs me on automatically as DOMAIN\george which is a user I created for testing permissions.
So every morning after that I click "sign in as a different user" to sign in as my sys admin user instead and most days that is the only user I use. Any idea why george's credentials are being cached?
Part of "firing up my VM" is running a script that starts IIS as well as some services. I'm not entirely sure SharePoint is responsible for this, could very well be ASP.Net.
EDIT: I've already tried clearing my cookies.
Had a very similar problem! To solve it, go to 'User Accounts' under the Windows Control panel.
Navigate to 'Manage your network passwords'. Select the domain you wish to clear and select 'Remove'.
You should now have a clean login dialogue box and when you check the 'remember me' box, this will be stored as the login default for that domain.
I was able to remove the test login credentials using the User Account control panel applet in Windows 7:
1. Open the Manage Credentials link.
2. Find the Sharepoint Login in the Windows Vault.
3. Expand the address for the site.
4. Remove the test login for this site.
After doing this I am no longer prompted for the login and login as different user prompt.
Have you checked that there are no logins and passwords being stored by the browser? Assuming you are using IE, see this article on how to clear them.
Is DOMAIN\george the same user ID you are logging in to the VM with? If that is the case, try changing the setting in IE that dictates what user name is sent to the server. Just go to Tools -> Settings -> Security and click on Custom Level, scroll down to the bottom and you will find the User Authentication option. Select Prompt for User name and Password.
It could also be that you are using IE8, that caches my credentials as well it seems.
IE8 stores credentials for favourites it seems, don't ask me why. What you should do is log in as the needed user, then save a new favourite (or add it to the favourites bar by dragging it). Then use that link to go to your site.
