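Problem description
Does Azure B2C in the China region support sign-in with a phone verification code?
Answer
Native Phone sign-up and sign-in for user flows is not supported in the China region (it is supported in Global Azure). Without it, Phone sign-up and sign-in can be implemented with a B2C custom policy. The test steps are as follows:
Step 1: In the AAD B2C tenant, first create the two applications and the Policy Keys. Reference tutorial: Create user flows and custom policies - Azure Active Directory B2C (https://docs.azure.cn/zh-cn/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy)
Step 2: Download Phone_Email_Base.xml (Link: https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/blob/main/scenarios/phone-number-passwordless/Phone_Email_Base.xml) and modify disclaimer_link_1_url and disclaimer_link_2_url in it.
PS: Change the corresponding parameters as described in the documentation (Instructions). When the changes are complete, upload the file with Upload custom policy.
Step 3: Download SignUpOrSignInWithPhone.xml (Link: https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/blob/main/scenarios/phone-number-passwordless/SignUpOrSignInWithPhone.xml) and modify the Tenant id in it. When the changes are complete, upload the file with Upload custom policy.
If you cannot open GitHub, the files can be downloaded from the appendix at the end of this post.
Finally: click Run now to test.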
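A pre-upload check for steps 2 and 3, as an added example that is not part of the original post or of the starter pack: it scans a policy file for the sample's unreplaced placeholders (`yourtenant.onmicrosoft.com`, `{insert your ...}`) and for disclaimer links that are not HTTPS. The sample XML is constructed, and it assumes the disclaimer URLs are `LocalizedString` elements identified by a `StringId` attribute.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample modelled on the placeholders named on this page;
# it is NOT the real Phone_Email_Base.xml, and the element layout is an assumption.
SAMPLE_POLICY = """<TrustFrameworkPolicy
    xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
    TenantId="yourtenant.onmicrosoft.com" PolicyId="B2C_1A_Phone_Email_Base">
  <Localization>
    <LocalizedString StringId="disclaimer_link_1_url">{insert your privacy statement URL}</LocalizedString>
    <LocalizedString StringId="disclaimer_link_2_url">http://contoso.example/terms</LocalizedString>
  </Localization>
</TrustFrameworkPolicy>"""

# Values the sample ships with and that must be replaced before upload.
PLACEHOLDER = re.compile(r"\{insert your [^}]*\}|yourtenant\.onmicrosoft\.com", re.I)


def local_name(tag):
    """Drop the '{namespace}' prefix ElementTree puts in front of tag names."""
    return tag.rsplit("}", 1)[-1]


def lint_policy(xml_text):
    """Return (location, problem) tuples for a policy given as str or bytes."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        name = local_name(el.tag)
        text = (el.text or "").strip()
        # Attributes such as TenantId on the root element.
        for attr, value in el.attrib.items():
            if PLACEHOLDER.search(value):
                findings.append((f"{name}@{attr}", f"placeholder left in: {value}"))
        if text and PLACEHOLDER.search(text):
            findings.append((name, f"placeholder left in: {text}"))
        elif name == "LocalizedString" and el.get("StringId", "").endswith("_url"):
            # Links shown on the sign-in page should be absolute HTTPS URLs.
            url = urlparse(text)
            if url.scheme != "https" or not url.netloc:
                findings.append((el.get("StringId"), f"not an https URL: {text}"))
    return findings


if __name__ == "__main__":
    for location, problem in lint_policy(SAMPLE_POLICY):
        print(f"{location}: {problem}")
```

To check the downloaded files, pass their contents read in binary mode, for example `lint_policy(open("Phone_Email_Base.xml", "rb").read())`.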
The page as displayed when accessed from a phone:
Appendix 1: Phone_Email_Base.xml
Appendix 2: SignUpOrSignInWithPhone.xml
yourtenant.onmicrosoft.com
B2C_1A_Phone_Email_Base
PolicyProfile