
Bypassing Email Verification within Azure AD B2C during Signup Signin on Mobile app

I hope I'm clear with my question, so here goes. On the sign-up flow of our app we ask the user for username, email and password. However, we're not requiring a user's email to be confirmed/validated to continue to use the app. Per our IT dept - Azure AD B2C requires the email address to be verified during the first-time signup by the end user. Is this an absolute truth? Other apps require email, but will still let the user utilize services without confirmation.

We understand the risk and are putting onus on the user if they decide to use an email they don't own. Details of this scenario will be detailed in the legal disclosure. So resetting passwords, notifications etc. won't work for this user.

This is now possible. From the Azure AD B2C Documentation:

  • Click Sign-up policies or Sign-up or sign-in policies depending on what you configured for sign-up.
  • Click your policy (for example, "B2C_1_SiUp") to open it. Click Edit at the top of the blade.
  • Click Page UI Customization.
  • Click Local account sign-up page.
  • Click Email Address in the Name column under the Sign-up attributes section.
  • Toggle the Require verification option to No.
  • Click OK at the bottom until you reach the Edit policy blade.
  • Click Save at the top of the blade. You're done!

It would be nice if we could turn off email verification. I think there's a lot of things that would be nice to configure in the policies, but we currently can't.

For now, you will have to write your own signup flow with custom HTML/JavaScript and backend API/services, and then have your backend create the account using the B2C Graph API.

NB: It seems that the "Require verification" setting mentioned in the answer above is global for the B2C tenant, even though it looks like the setting is set for a specific policy (based on that you select a policy first). This is confusing in the UI. Also, it seems that email addresses cannot be edited in an "edit profile" policy.

Here is the option for a user flow: https://docs.microsoft.com/en-us/azure/active-directory-b2c/user-flow-disable-email-verification

For a custom policy, in the <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail"> just add the next tag into the metadata tag.

<Metadata>
    <Item Key="EnforceEmailVerification">False</Item>
</Metadata>
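
An added example, not part of the original answers: a Python check that lists the technical profiles in a custom policy file where EnforceEmailVerification is set to False, so it is known which sign-up paths accept unverified addresses. The function names, the sample policy and the second profile Id are constructed for illustration; the key is compared case-insensitively as an assumption so variants are not missed.

```python
import xml.etree.ElementTree as ET

def local(tag):
    """Strip an '{namespace}' prefix from an ElementTree tag name."""
    return tag.rsplit("}", 1)[-1]

def unverified_email_profiles(policy_xml):
    """Return Ids of TechnicalProfiles whose Metadata sets
    EnforceEmailVerification to false (any letter case)."""
    hits = []
    for tp in ET.fromstring(policy_xml).iter():
        if local(tp.tag) != "TechnicalProfile":
            continue
        for md in tp:
            if local(md.tag) != "Metadata":
                continue
            for item in md:
                key = item.get("Key", "").lower()
                value = (item.text or "").strip().lower()
                if (local(item.tag) == "Item"
                        and key == "enforceemailverification"
                        and value == "false"):
                    hits.append(tp.get("Id"))
    return hits

# Constructed sample policy fragment (not a real tenant's policy).
SAMPLE = """<TrustFrameworkPolicy xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
  <ClaimsProviders>
    <ClaimsProvider>
      <DisplayName>Local Account</DisplayName>
      <TechnicalProfiles>
        <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
          <Metadata>
            <Item Key="EnforceEmailVerification">False</Item>
          </Metadata>
        </TechnicalProfile>
        <TechnicalProfile Id="ExampleProfileWithVerification">
          <Metadata>
            <Item Key="EnforceEmailVerification">True</Item>
          </Metadata>
        </TechnicalProfile>
      </TechnicalProfiles>
    </ClaimsProvider>
  </ClaimsProviders>
</TrustFrameworkPolicy>"""

if __name__ == "__main__":
    for profile_id in unverified_email_profiles(SAMPLE):
        print("email verification disabled in:", profile_id)
```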
