Difficult as hell. Like, for my use case all I wanted is to read a query param and put it into a claim. Turned out it was not possible to do with inbuilt user flows and my only option is to go through this hell with custom policies and become a full time B2C employee. How hard can it be to just allow devs to specify where to read the value for claim from? It's insane honestly. The more I work with B2C the more I realize how it works against me.
Create a claimtype with required datatype and then create a display claim with whatever input claim you want to use and save it as an extension attribute or some inbuilt attribute available
b2c already needs a ui based admin panel for custom policies on top. this is all stuff that should be under the hood. weird that MS released something prototype like this anyways
First, you take the dinglepop, and you smooth it out with a bunch of schleem. The schleem is then repurposed for later batches. Then you take the dinglebop and push it through the grumbo, where the fleeb is rubbed against it. It's important that the fleeb is rubbed, because the fleeb has all of the fleeb juice. ruclips.net/video/eMJk4y9NGvE/видео.htmlsi=uEJbR5tVO96Gn-pI
Superb! But too difficult. Learn something from Ping Federate. How easy they have done and that too more configurable than B2C. This is too complex to handle.
Very nice tutorial, but when I tried to follow this I couldn't get past 20:45 since all the values there are empty and I can't click the Run now button. Any idea why this could happen?
How to make configure azure b2c authentication such that redeem takes them to registration page directly and sign in takes them login. What is happening now is both taming the user to sign in page and user have to do an extra click to sign up or registration. Sometimes it also confuses the user that they directly enter the login in the sign in form instead of registration. Any solution for this?
These operations should be done from the portal with visual elements, not manually editing XML. Microsoft builds too complicated things. To add custom claims shoud be easy as click "new Technical profile" then edit or even add simply attributes then make them available by selecting a checkbox. Unfortunately they are not transmitted/visible in the token. Azure AD B2c doesn't even support groups. Why, Microsoft ? The tool is not mature for final users/programmers. I will tell my company to ABANDON this method and use other. We are wasting time.
I'm coming to the same conclusion. I'm building a web app using Blazor Server and trying to stay as far away from Entity Framework as possible, so I saw B2C as a viable option at first since it still requires MVC but only a little. What alternative to B2C ended up working for you?
Difficult as hell. Like, for my use case all I wanted is to read a query param and put it into a claim. Turned out it was not possible to do with inbuilt user flows and my only option is to go through this hell with custom policies and become a full time B2C employee. How hard can it be to just allow devs to specify where to read the value for claim from? It's insane honestly. The more I work with B2C the more I realize how it works against me.
Create a claimtype with required datatype and then create a display claim with whatever input claim you want to use and save it as an extension attribute or some inbuilt attribute available
B2C does seem to want to intentionally make custom policies as thorny to work with as possible, and user flows as neutered as possible.
I can help with custom claims injection into the token. Try using directory extensions or contact me.
b2c already needs a ui based admin panel for custom policies on top. this is all stuff that should be under the hood. weird that MS released something prototype like this anyways
First, you take the dinglepop, and you smooth it out with a bunch of schleem. The schleem is then repurposed for later batches.
Then you take the dinglebop and push it through the grumbo, where the fleeb is rubbed against it. It's important that the fleeb is rubbed, because the fleeb has all of the fleeb juice.
ruclips.net/video/eMJk4y9NGvE/видео.htmlsi=uEJbR5tVO96Gn-pI
Superb! But too difficult. Learn something from Ping Federate. How easy they have done and that too more configurable than B2C. This is too complex to handle.
Extremely agree on this. The only advantage is to have this as files that can be versioned and potentially can be used in CI/CD processes
thanks a lot 😊😊😊, you saved me, great content
test often! like trial and error cause nothing make sense! :)
Very nice tutorial, but when I tried to follow this I couldn't get past 20:45 since all the values there are empty and I can't click the Run now button. Any idea why this could happen?
Yep, I never got past 20:45 RIP.
Thank you about the great content
Can we stop the registration if there is there is no Loyality number mapped with the email address or any custom property like (UniqueNumberId)
Possible i guess, check for that claim existance or claim null in the orchestration step
How to make configure azure b2c authentication such that redeem takes them to registration page directly and sign in takes them login. What is happening now is both taming the user to sign in page and user have to do an extra click to sign up or registration. Sometimes it also confuses the user that they directly enter the login in the sign in form instead of registration. Any solution for this?
Split the orchestration steps. Inbuilt is combined signup and sign in, modify and create two new policy separately for signup signin
These operations should be done from the portal with visual elements, not manually editing XML. Microsoft builds too complicated things. To add custom claims shoud be easy as click "new Technical profile" then edit or even add simply attributes then make them available by selecting a checkbox. Unfortunately they are not transmitted/visible in the token. Azure AD B2c doesn't even support groups. Why, Microsoft ? The tool is not mature for final users/programmers. I will tell my company to ABANDON this method and use other. We are wasting time.
I'm coming to the same conclusion. I'm building a web app using Blazor Server and trying to stay as far away from Entity Framework as possible, so I saw B2C as a viable option at first since it still requires MVC but only a little. What alternative to B2C ended up working for you?
Yuck.