自定义属性存在一个已知限制.它只会在任何策略中首次使用时创建,而不会在您将其添加到用户"属性列表中时创建.
There is a known limitation of custom attributes. It is only created the first time it is used in any policy, and not when you add it to the list of User attributes.
所以我认为我想做的事情无法直接实现.我想解决方法是:
So I'm thinking what I'm trying to do is not achievable directly. I guess a workaround would be:
- 创建编辑(或注册)政策
- 执行用户编辑,提示输入新的自定义属性
- 删除修改政策
更新
我开始通过注册策略来实现我的解决方法,并且在上传了自定义策略后,新属性NewCustomAttribute
在那里没有创建用户.
I started implementing my workaround via a sign-up policy and after uploading my custom policies, the new attribute, NewCustomAttribute
, is there without creating a user.
什么魔术添加了这个新属性?
What magic added this new attribute?
.\b2c Get-Extension-Attribute [my-ad-app-guid]
{
"odata.metadata": "https://graph.windows.net/ebenefitsdev.onmicrosoft.com/$metadata#directoryObjects/Microsoft.DirectoryServices.ExtensionProperty",
"value": [
{
"odata.type": "Microsoft.DirectoryServices.ExtensionProperty",
"objectType": "ExtensionProperty",
"objectId": "[some-guid]",
"deletionTimestamp": null,
"appDisplayName": "",
"name": "extension_[my-ad-app-guid]_NewCustomAttribute",
"dataType": "String",
"isSyncedFromOnPremises": false,
"targetObjects": [
"User"
]
}
}
推荐答案
The extensions app, which is added to the Azure AD B2C directory when it is created, registers the extension property when a custom attribute is created via the Azure AD B2C blade.
扩展程序应用程序ID应与扩展程序属性名称的中间部分匹配.
The extensions app ID should match the middle part of the extension property name.
在扩展程序应用程序注册扩展属性之后,在任何内置或自定义策略引用扩展属性之前,可以通过Azure AD Graph API对其进行读写.
After the extension property is registered by the extensions app and before it is referenced by any built-in or custom policy, it can be read from and written to via the Azure AD Graph API.
这篇关于添加未在注册或编辑策略中使用的自定义属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!