Azure 自定义策略 B2C 如何读取 Azure AD 用户的员工 ID 并使用此值填充文本框
[英]Azure Custom Policy B2C How I can read the employeeid of an user of Azure AD and populate a textbox with this value
问题描述
I am creating a custom policy with the starterpack of azure.
我正在使用 azure 的 starterpack 创建自定义策略。 My problem is the next: I need to do some change in the TrustFrameworkextensions.xml so that when the user goes to sign in for the first time, it shows on screen the value of the employeeid of the user that made the login for the user to confirm it, that is to say that a textbox appears, like the ones in the image below, with the employee number of the user in AD filled and that the user simply confirms by clicking continue.我的问题是下一个:我需要在 TrustFrameworkextensions.xml 中进行一些更改,以便当用户第一次登录时,它会在屏幕上显示为用户登录的用户的employeeid 值要确认它,也就是说会出现一个文本框,如下图所示,其中填写了 AD 中用户的员工编号,用户只需单击继续进行确认。 What do I have to modify or add in this file?我必须在此文件中修改或添加什么?
I don't know how I can get the value employeeid, I tried this:我不知道如何获得值employeeid,我试过这个:
<ClaimsProvider>
<Domain>XXXXXXX</Domain>
<DisplayName>Login using XXXXXX</DisplayName>
<TechnicalProfiles>
<TechnicalProfile Id="AADXXXXXX-OpenIdConnect">
<DisplayName>XXXXXXX Employee</DisplayName>
<Description>Login with your XXXXX account</Description>
<Protocol Name="OpenIdConnect"/>
<Metadata>
<Item Key="METADATA">https://login.microsoftonline.com/xxxxxxxxxx.onmicrosoft.com/v2.0/.well-known/openid-configuration</Item>
<Item Key="client_id">3700a22a-c43d-441d-a978-14e4abfac8c4</Item>
<Item Key="response_types">code</Item>
<Item Key="scope">openid profile</Item>
<Item Key="response_mode">form_post</Item>
<Item Key="HttpBinding">POST</Item>
<Item Key="UsePolicyInRedirectUri">false</Item>
</Metadata>
<CryptographicKeys>
<Key Id="client_secret" StorageReferenceId="B2C_1A_XXXXXXXXSecret"/>
</CryptographicKeys>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="oid"/>
<OutputClaim ClaimTypeReferenceId="tenantId" PartnerClaimType="tid"/>
<OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="employeeID" /> <!--poner given_name-->
<OutputClaim ClaimTypeReferenceId="surName" PartnerClaimType="family_name" />
<OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name" />
<OutputClaim ClaimTypeReferenceId="extension_employeeid" PartnerClaimType="employeeId" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication" AlwaysUseDefaultValue="true" />
<OutputClaim ClaimTypeReferenceId="identityProvider" PartnerClaimType="iss" />
<!--<OutputClaim ClaimTypeReferenceId="extension_employeeid" PartnerClaimType="employeeId" /> --><!--ClaimTypeREferenceId nombre campo en b2c y parnerclaimtype nombre campo en AD-->
</OutputClaims>
<OutputClaimsTransformations>
<OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName"/>
<OutputClaimsTransformation ReferenceId="CreateUserPrincipalName"/>
<OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId"/>
<OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId"/>
</OutputClaimsTransformations>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-SocialLogin"/>
</TechnicalProfile>
</TechnicalProfiles>
</ClaimsProvider>
1 个解决方案
解决方案1
0 2022-06-27 22:04:53
You have to create a self-asserted technical profile that contains the three fields.您必须创建一个包含三个字段的自断言技术配置文件。
Add this to the user journey.将此添加到用户旅程中。
To pre-populate the fields, define them as input fields.要预填充字段,请将它们定义为输入字段。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.