search

Azure-Samples / active-directory-b2c-advanced-policies

Sample for use with Azure AD B2C with Custom Policies.
http://aka.ms/aadb2ccustom
MIT License
217 stars 145 forks source link

Can we link both email and username for the local identities #72

Open heatherjoanne44 opened 3 years ago

heatherjoanne44 commented 3 years ago

Hello,

I am trying to create a custom policy for setting both username and email when creating a new account to be used as part of the user's identity so they can sign in with either one. I was looking at the account-linking policy you have. Is this scenario possible via custom policy or must it be done via an api call via Microsoft Graph?

xinaxu commented 3 years ago

This is possible. In your AAD technical profile (https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-technical-profile), specify both signInNames.emailAddress and signInNames.userName when link another local account type. They will be combined and the user will be patched with a new signInNames collection.

From: heatherjoanne44 notifications@github.com Sent: Monday, November 16, 2020 11:31 AM To: Azure-Samples/active-directory-b2c-advanced-policies active-directory-b2c-advanced-policies@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: [Azure-Samples/active-directory-b2c-advanced-policies] Can we link both email and username for the local identities (#72)

Hello,

I am trying to create a custom policy for setting both username and email when creating a new account to be used as part of the user's identity so they can sign in with either one. I was looking at the account-linking policy you have. Is this scenario possible via custom policy or must it be done via an api call via Microsoft Graph?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FAzure-Samples%2Factive-directory-b2c-advanced-policies%2Fissues%2F72&data=04%7C01%7Cxinaxu%40microsoft.com%7C6cbf355bcc4b4443aff208d88a6624ec%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637411518600985330%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=fa77g2gbCdVaygHCxsQoB%2F27wzCzfqeIMw9o1KSo%2FFo%3D&reserved=0, or unsubscribehttps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAJOMAEVQOUSWBTBRUCUQ4YLSQF4XFANCNFSM4TXSW3HA&data=04%7C01%7Cxinaxu%40microsoft.com%7C6cbf355bcc4b4443aff208d88a6624ec%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637411518600995287%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=B1GdJ8Eqd%2FRAEmJh6uh%2B1erg6s7ThWaOq4Kw0GmqO4c%3D&reserved=0.

heatherjoanne44 commented 3 years ago

Thank you so much. I actually tried that way earlier and I was getting errors or it would just hang, but I just changed it back again so I could tell you the exact error, and now it is working. I must have changed something in the midst of testing other things that caused it to now work properly. Thanks again for you assistance!  On Monday, November 16, 2020, 01:37:16 PM CST, Xinan Xu notifications@github.com wrote:

This is possible. In your AAD technical profile (https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-technical-profile), specify both signInNames.emailAddress and signInNames.userName when link another local account type. They will be combined and the user will be patched with a new signInNames collection.

From: heatherjoanne44 notifications@github.com Sent: Monday, November 16, 2020 11:31 AM To: Azure-Samples/active-directory-b2c-advanced-policies active-directory-b2c-advanced-policies@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: [Azure-Samples/active-directory-b2c-advanced-policies] Can we link both email and username for the local identities (#72)

Hello,

I am trying to create a custom policy for setting both username and email when creating a new account to be used as part of the user's identity so they can sign in with either one. I was looking at the account-linking policy you have. Is this scenario possible via custom policy or must it be done via an api call via Microsoft Graph?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FAzure-Samples%2Factive-directory-b2c-advanced-policies%2Fissues%2F72&data=04%7C01%7Cxinaxu%40microsoft.com%7C6cbf355bcc4b4443aff208d88a6624ec%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637411518600985330%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=fa77g2gbCdVaygHCxsQoB%2F27wzCzfqeIMw9o1KSo%2FFo%3D&reserved=0, or unsubscribehttps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAJOMAEVQOUSWBTBRUCUQ4YLSQF4XFANCNFSM4TXSW3HA&data=04%7C01%7Cxinaxu%40microsoft.com%7C6cbf355bcc4b4443aff208d88a6624ec%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637411518600995287%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=B1GdJ8Eqd%2FRAEmJh6uh%2B1erg6s7ThWaOq4Kw0GmqO4c%3D&reserved=0.

— You are receiving this because you authored the thread.

Reply to this email directly, view it on GitHub, or unsubscribe.