I am currently trying to customise the Azure B2C Sign-In page and it seems quite restrictive. For starters the sign-in policies unlike some of the other policies does not give the option of adding a custom page to Page UI customization for “Local account sign-in page”.
enter image description here
When I try to customise the sign-in page through the classic portal I am unable to add text to the Password placeholder although I am able to change the username/email place holder text by changing the User ID Placeholder field.
enter image description here
I would also like to change the text "Can't access your account" to "Forgot your password".
Use the "Sign up & Sign In" policy for this, this is a newer type of policy, which has more of the customizations features you are asking for.
It's on the backlog of the team to fix this I was told, but the focus was on the newer policies.
For the password placeholder we had the same problem, localization isn't available yet, and there is no way to change the password label at this moment.
Since the service is GA for a few days, we'll have to wait for the new features
Related
I have a application registerd in Azure AD B2C, When new user logs in for the very first time he is redirected to the attached screen for updating the password. The issue here is that the user does not know what combination of password he needs to input untill and unless a specific combination works.
I need to customize this screen to display user friendly lable telling the user what combination of password he/she needs to enter on this screen.
enter image description here
With AAD B2C you can customize the user interface, which including the sign-up/sign-in, profile editing and password resetting experiences. This documentation outlines how to do the UX customization, test out the templates in the portal and has a few tutorials on setting it up.
Here are the specifics on password rule enforcement.
In Azure API Management you can enable integration with AAD, by following the guidelines in this article:
https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-aad
This part describes the sign in after setting up AAD integration:
https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-aad#a-idlogintodevportalsign-in-to-the-developer-portal-by-using-an-azure-ad-account
In step 3 of of this part, the following is mentioned:
"You might be prompted with a registration form if any additional information is required."
I don't want to bother my consumers with this dialog, but I can't find what 'additional information' is meant here.
The sign up dialog only shows email, first name and last name.
Anyone knows what information the registration process is missing, which leads to this dialog to show up?
I don't want to bother my consumers with this dialog, but I can't find what 'additional information' is meant here. The sign up dialog only shows email, first name and last name.
If you don't want to enable the registration process, you could delete Username and password
provider from azure portal.
It will just use the Azure AD provider. then it will not prompted with a registration form.
Updated:
If I click sign up, I get the registation is disabled.
After consulting the Azure API Management product group, it became clear you cannot disable this dialog at the moment.
The documentation is mentioning the dialog is only prompted in a certain case, but that's is not accurate. The dialog will always be shown when you sign in on the developer portal, when the Azure API Management is integrated with AAD.
My web app doesn't need signup feature. So i am only looking for signin. So i didn't setup anything under signup or sign policies.
I am trying to add custom login page to signin policy in Azure AD B2C. I selected Local Account SignIn as Identity provider. But the option Page UI Customization is not enabled and a lock symbol is shown. There is no validation message or information or tooltip explaining what should i do to unlock this feature. But this feature is enabled under signup or sign policies blade.
Can somebody help me with this.
As stated on the UI customization docs page, sign-in pages (in sign-in and profile edit policies) can only be customized using the company branding feature. The question that spottedmahn linked to in the comments (about changing default picture) provides some useful steps.
UPDATE #2: I am retracting my update of "hiding" the link on sign-up/sign-in. That's because if you just hide the link, a user can still make a call to the signup endpoint directly and create a user account. This is not possible through sign-in policy.
I would suggest using the "Sign-up or sign-in" policy for this, and provide a custom template with you own CSS that hides the sign up link:
.create{
display: none
}
'create' is the name of the CSS class used for the signup link.
In the ADB2C user registration flow you have an picture on the left & the form on the right. Is there an easy way to change the picture on the left? I don't want to redesign the whole page.
Full customization which includes your own HTML/CSS is available for all the Azure AD B2C user flows including the "sign-up or sign-in policies" which offers a combined - registration and login - policy.
The "sign-in" policy type is the only one that offers the ability to customize via the "company branding" feature which needs only a picture upload.
All other flows require upload of HTML/CSS content. A template is available. Full customization is documented here: https://learn.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-ui-customization
Page UI Customization is under Policy->Edit policy->Page UI Customization->Select page->provide source URI
Update
How you get to Company Branding has changed, see this SO Answer.
Previous
Yes. Go to Users and Groups -> Company Branding -> Edit -> Sign-in page background image.
I couldn't find an official documentation on learn.microsoft.com/azure/active-directory-b2c to reference, unfortunately.
I am using username for the identity provider for local account.
When an user forget their username, is there a out-of-box policy that handle the username recovery? Or I have to implement it my own?
If I implement my own, as sign-in policy doesn't have UI customization that I will not be able to add a link for "For get your username" to redirect the user to my code to retrieve their username. Is there a way adding links on the Sign-In page?
There is no out of the box policy for forgotten username. It seems a nice feature though. But I anyway enforce usage of e-mail as username. And frankly, the way to implement this is a bit of a tricky.
You can first get (and confirm) users e-mail address which is registered with the AAD B2C. You have to send him/her an e-mail with a code to make sure that he/she owns the e-mail. Once you get e-mail confirmation, you can query the Graph API for the list of users and search for the provided e-mail.
As for providing link - you can have fully customized "Sign-in or sign-up" policy, where you can put the link. You need to use the special sign-in or sign-up policy, because currently it is the only one that allows for full user experience customisation.