Académique Documents
Professionnel Documents
Culture Documents
B2C + 1 Refresher
Features
© 2018 Microsoft Corporation. All rights reserved. Last modified: April 27, 2018
This training package content is proprietary and confidential, and is intended only for users described in the training materials. Some elements of this document are subject to
change. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
This content and information is provided to you under a Non-Disclosure Agreement and cannot be distributed. Copying or disclosing all or any portion of the content and/or
information included in this package is strictly prohibited. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under
copyright, no part of this document may be reproduced, stored in, or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly
provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other
intellectual property.
The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any
real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Microsoft and the Microsoft products and services listed are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
B2C + 1 Refresher Features
Table of contents
Usage Reporting APIs ....................................................................................................................................................................... 1
Skip Email Verification ...................................................................................................................................................................... 3
Scenario 1 ....................................................................................................................................................................................... 3
Scenario 2 ....................................................................................................................................................................................... 7
Resources............................................................................................................................................................................................ 10
The PowerShell script is based on the Reporting API which itself is based on Azure AD graph. Today it uses
the https://graph.windows.net endpoint.
The direction is to move towards Microsoft Graph from the current Azure AD Graph. So, this feature might
undergo a corresponding change.
1. Look at the actual code, look for the actual request being formed and look at the Header parameter
being passed. Example below:
https://graph.windows.net/$tenantdomain/reports/tenantUserCount?api-version=beta
2. If the application source code is not available, then look at HTTP trace taken from a browser or fiddler.
GET
https://graph.windows.net/contosob2c.onmicrosoft.com/reports/tenantUserCount?api-
version=beta
Note: Subsequently, the POD Azure Developer engineer moves the case to the “DS Azure
ADSI” team.
a. First thing Dev engineer needs to do is find the tenant being used either by asking the customer
or looking at the below configuration file of the actual application. The B2C tenant will have a
name like “xyz.onmicrosoft.com” in the web.config of the application code. Also, make a note of
the “SignUpPolicyId” value.
Image 1
b. Request customer to log-in to Azure Ibiza portal http://portal.azure.com , ask him to change the
scope to that Azure AD Tenant.
Image 2
c. Once the context of the portal is switched to the concerned Tenant, navigate to the actual Azure
AD B2C tenant. On the left-hand pane select “More Services” > Search for “Azure AD B2C”.
Image 3
Below are the steps to traverse the “Sign-up policies” but the steps remain the same for “Sign-up or sign-
in policies”. Select the policy name that we had seen in the web.config file (refer Image-1) for the
application and follow the order of clicks as shown.
Image 5
Image 6
e. Clicking the “Local account sign-up page”, opens the below customization page.
So, the “Require verification” is set to NO, that’s the reason the application doesn’t require email
verification.
If they want to get verification code they would have to flip it back to Yes.
Scenario 2
Customer reports that he enabled “Skip Email Verification” for one application but it seems other
applications got affected as well OR If I change the “SiUp” policy of one application it is changing the
“SiUp” policy of other applications in the same tenant.
c. Check the policy setting for application “b2ctestapp”, which I didn’t change. But this also will get
changed.
Note:
The reason is that a single Policy can be shared by multiple applications.
While the UI on the Portal might seeming suggest the Policies and Applications are linked, the
Policies are global for the Tenant. The above behavior is intended as per design.
Customer will need to create a separate “Sign Up” policy and use that in the applications they
want a different behavior.
We allow customers who might want an email verification for application 1 but not for
application 2, both applications residing in the same tenant.
Resources
Resource Lookup Note:
Usage reporting API: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-
directory-b2c-reference-usage-reporting-api
Skip email verification: https://docs.microsoft.com/en-us/azure/active-directory-
b2c/active-directory-b2c-reference-disable-ev