Azure B2C自定义策略中的电子邮件声明 [英] Email claim in Azure B2C custom policies
问题描述
以前,我已经在此处实施了自定义策略(https://docs.microsoft.com/zh-cn/azure/active-directory-b2c/active-directory-b2c-setup-commonaad-custom)允许多租户登录,我能够获得该用户的电子邮件地址,但是 自从开始使用b2clogin域以来,我现在无法在返回的令牌中获取电子邮件地址,并且在查看Azure AD B2C刀片内的用户仪表板时,也没有针对该用户的电子邮件地址记录.
Previously I had implemented the custom policies here (https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-commonaad-custom) to allow for multi-tenant sign on and I was able to obtain the email address for the user but since the move to using the b2clogin domain I am now unable to obtain the email address in the token returned and there is no record of the email address against the user when looking at the user dashboard within the Azure AD B2C blade.
另一个区别是,多租户用户的用户名用于将sts.windows.net/反映为用户名,我觉得现在该用户名已移至与该用户关联的源,但我想知道是否这与上述相同的问题有关.
Another difference is that the username for a multi-tenant user used to reflect the sts.windows.net/ as the username, I feel this has now been moved to the source associated with the user, but I'm wondering if this is related to the same issue as above.
随着移动到b2clogin域,现在是否期望对Microsoft图形进行单独调用以获得用户的额外详细信息?如果是这样,是否有可能在令牌中映射要作为声明返回的用户电子邮件.
With the move to the b2clogin domain, is it now expected that a seperate call be made to microsoft graph to obtain the extra details for the user? If so, is it possible to map the email of a user to be returned as a claim within the token.
在反复试验中,我还允许使用Azure AD B2C应用程序的完整权限,以确保由于我不了解B2C环境在不断变化,因此电子邮件声明没有受到更大的保护.
Within my trial and error, I have also allowed for full permissions for the Azure AD B2C App to ensure that the email claim had not become more protected as I undestand that the B2C environment is constantly changing .
感谢您对此问题的帮助.
Thanks for any help with this issue.
推荐答案
Hi Adam,
感谢您在这里发布!我已经创建了一个工作项,并将您的问题上报给产品团队的人员,该人员可以确认向b2clogin域的迁移是否发生了变化.我也会在自己的实验室中重现该问题.
Thanks for posting here! I have created a work item and escalated your question to someone from the product team who can confirm whether there has been a change with the move to the b2clogin domain. I will reproduce the issue in my own lab as well.
这篇关于Azure B2C自定义策略中的电子邮件声明的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
