堆栈内存溢出
  简体   繁体   English

我们可以从Azure AD B2C的身份验证中获取电子邮件和密码吗

[英]Can we get email and password from authentication from Azure AD B2C

 原文  2017-10-24 03:39:15       azure/ xamarin.forms/ azure-ad-b2c

问题描述

I want to get email and password after user signup in my Xamarin app, the question is can I get that email and password using this result and then save it to my SQL database in Azure. 我想在Xamarin应用程序中注册用户后获取电子邮件和密码,问题是我可以使用此结果获取该电子邮件和密码,然后将其保存到Azure中的SQL数据库中。 

async void SignUp() {
    DisplayAlert("Result", "Cek Result ", "Ok");
    try {
        var result = await App.AuthenticationClient.AcquireTokenAsync(
            Constants.Scopes,
            string.Empty,
            UiOptions.SelectAccount,
            string.Empty,
            null,
            Constants.Authority,
            Constants.SignUpPolicy);

    } catch (MsalException) {
        // Do nothing - ErrorCode will be displayed in OnLoginButtonClicked
    }
}

and I tried using AuthenticationResult to get user email and password, but I'm only can get user display name , can this AuthenticationResult get user email and password? 并且我尝试使用AuthenticationResult获取用户电子邮件和密码,但是我只能获取用户显示名称,这个AuthenticationResult可以获取用户电子邮件和密码吗? Or is there any method that can do the job? 还是有什么方法可以胜任?

1 个解决方案

解决方案1
 2 已采纳  2017-10-24 07:02:46

An application cannot get the password for security reasons. 出于安全原因,应用程序无法获取密码。 In the B2C Admin portal, you can select "emails" to be sent to the application in your policy. 在B2C管理门户中,您可以在策略中选择要发送到应用程序的“电子邮件”。 The email address used for signup will be in this claim when the token is issued. 颁发令牌时,将在此声明中使用用于注册的电子邮件地址。

You could create a user using AD Graph API and write the password in two places. 您可以使用AD Graph API创建一个用户,然后在两个位置输入密码。 But, if you are storing the password in any other store (eg SQL DB), you will also have to figure out how to keep them in sync when the user changes the password. 但是,如果要将密码存储在任何其他存储区(例如SQL DB)中,则还必须弄清楚在用户更改密码时如何使其保持同步。

In addition, is the aspect of how to properly secure the passwords in the DB. 此外,这是如何在数据库中正确保护密码的方面。 One of the value propositions of a directory is to provide such a security layer. 目录的价值主张之一就是提供这样的安全层。

If you update your question with the scenario you are trying to solve, may be there's a workaround that we could figure out. 如果使用您要解决的方案更新问题,则可能存在我们可以解决的解决方法。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何从Azure AD B2C身份验证获取电子邮件地址? - How to get email address from Azure AD B2C authentication? Azure AD B2C密码重置-跳过电子邮件验证 - Azure AD B2C Password Reset - Skip Email Verification Azure AD B2C 重置密码电子邮件链接 - Azure AD B2C Reset Password Email Link Azure AD B2C,我们可以在应用程序内以编程方式将用户从应用程序注册/登录到 azure 广告吗? - Azure AD B2C, can we programmatically sign up/sign in user from app to azure ad within the application? Azure Ad b2c:成功登录azure ad b2c后在Claims中获得email - Azure Ad b2c: Get email in Claims after successfully Signin in azure ad b2c 如何使用 Azure AD B2C 在重置密码时禁用 email 验证? - How can I disable the email verification on reset password using Azure AD B2C? 将“使用 Apple 登录”与 Azure AD B2C 集成时,我们可以跳过 email 屏幕吗? - Can we skip email screen when integrating 'Sign in with Apple' with Azure AD B2C? Azure AD B2C密码到期 - Azure AD B2C password expiration Azure AD B2C密码重置 - Azure AD B2C Password Reset Azure AD B2C 密码设置 - Azure AD B2C password settings
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM