使用 Azure B2C 活动目录在用户级别进行 2FA 身份验证
[英]2FA authentication on user level with Azure B2C active directory
问题描述
We have business application and currently we are implementing Azure B2C active directory.
我们有业务应用程序,目前我们正在实施 Azure B2C 活动目录。 We will enable 2FA authentication in our login workflow but some of our customers would like to disable 2FA authentication.我们将在登录工作流程中启用 2FA 身份验证,但我们的一些客户希望禁用 2FA 身份验证。
Is it possible to Enable / disable 2FA on user level either through console or using Graph api?是否可以通过控制台或使用 Graph api 在用户级别启用/禁用 2FA? Our idea is that if it is possible, then we will not make 2FA authentication as part of the sign in workflow but will enable this feature on user profile level我们的想法是,如果可能的话,我们不会将 2FA 身份验证作为登录工作流程的一部分,而是在用户配置文件级别启用此功能
1 个解决方案
解决方案1
0 2020-01-29 10:14:54
For the built-in flows, MFA is either on for all users or off for all users, so you'll have to create a custom policy that enables an end user (or you as administrator) to opt in to or out from MFA.对于内置流,MFA 要么对所有用户启用,要么对所有用户禁用,因此您必须创建自定义策略,使最终用户(或您作为管理员)能够选择加入或退出 MFA。
A good sample to refer to is the "Sign in with MFA" sample .一个很好的参考示例是“使用 MFA 登录”示例。
As well as offering both e-mail and/or phone MFA, you can add a default choice of "None".除了提供电子邮件和/或电话 MFA,您还可以添加默认选项“无”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.