当用户未在Azure AD B2C中注册时避免使用验证码电子邮件 [英] Avoid verification code emails when the user is not registered in Azure AD B2C
问题描述
Azure B2C给人一种错误的印象,即用户尝试重设密码时,该用户位于目录中.
Azure B2C is gives a false impression that the user is in the directory when they try to reset their password.
以下是重置密码的步骤: 1)用户单击重置密码"链接
Following is steps in reset password: 1) User clicks the Reset Password link
2)B2C在电子邮件地址"字段中显示一个页面,并说必须进行验证.请单击发送"按钮."
2) B2C presents a page with "Email Address" field and says "Verification is necessary. Please click Send button."
3)用户输入电子邮件地址,然后单击发送验证码"
3) User enters his email address and clicks "Send Verification Code"
4)B2C发送该电子邮件地址的验证码(即使没有用户与该电子邮件地址相关联,也就是该用户认为他已在系统中注册的地方)
4) B2C sends the verification code this that email address (Even if no user is associated with that email address. This is where the user thinks he is registered with the system)
5)现在,用户输入收到的验证码,然后单击验证码"
5) Now the user enters the verification code he received and click "Verify Code"
6)B2C验证了代码,并说电子邮件地址已验证.您现在可以继续"(这是他们确信自己存在于系统中的步骤)
6) B2C validated the code and says "E-mail address verified. You can now continue" (This is the step where they become confident that they exist in the system)
7)现在,当用户单击继续"时,他们会收到错误消息找不到提供的用户ID的帐户."如屏幕截图所示.
7) Now when the users click "Continue" they get the error "An account could not be found for the provided user ID." As given in the screenshot.
确认与用户无关的电子邮件会使他们完全困惑. 我发现此解决方案但无法确切了解如何与我的一起使用这些政策当前政策
Confirming an email that is not associated with a user completely confuses them. i found this solution but not getting exactly how to use these policy along with my current policy
推荐答案
Based on this solution, you need to use the following XML snippet to implement it:
<Action Id="SendCode">
<ValidationClaimsExchange>
<ValidationClaimsExchangeTechnicalProfile TechnicalProfileReferenceId="AAD-UserReadUsingEmailAddress-emailAddress" />
<ValidationClaimsExchangeTechnicalProfile TechnicalProfileReferenceId="AadSspr-SendCode">
<Preconditions>
<Precondition Type="ClaimsExist" ExecuteActionsIf="false">
<Value>objectId</Value>
<Action>SkipThisValidationTechnicalProfile</Action>
</Precondition>
</Preconditions>
</ValidationClaimsExchangeTechnicalProfile>
</ValidationClaimsExchange>
</Action>
因此,您应该首先在"LocalAccountDiscoveryUsingEmailAddress"技术资料中添加"emailVerificationControl".
So you should begin with adding "emailVerificationControl" into the "LocalAccountDiscoveryUsingEmailAddress" TechnicalProfile.
And you need to add DisplayControls into your TrustFrameworkExtensions.xml file so that it could be referenced.
如果还有其他参考,还应该将它们添加到相应位置.
If there are any other references, you should also add them to the corresponding position.
这篇关于当用户未在Azure AD B2C中注册时避免使用验证码电子邮件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!