用户名不是使用Azure AD B2C中的资源所有者密码凭据的电子邮件地址 [英] Username not email address using Resource Owner Password Credentials in Azure AD B2C

问题描述

我想知道是否可以在Azure AD B2C的资源所有者密码凭证中使用像john.smith`这样的用户名代替`john.smith @ myfirm.com`。



https://docs.microsoft.com/en-gb/azure/active-directory-b2c/configure-ropc



示例如下：

I wonder if it is possible to use username like `john.smith` instead of `john.smith@myfirm.com` in Resource Owner Password Credentials in Azure AD B2C.

https://docs.microsoft.com/en-gb/azure/active-directory-b2c/configure-ropc

For example like below:

https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/oauth2/v2.0/token?p=B2C_1_ROPC_Auth    

内容类型：application / x-www-form-urlencoded   

Content-Type: application/x-www-form-urlencoded   

username = john.smit& password = mypassword& grant_type = password& scope = openid myappId offline_access& client_id = myappId& response_type = token + id_token

username=john.smit&password=mypassword&grant_type=password&scope=openid myappId offline_access&client_id=myappId&response_type=token+id_token

所有用户都是我公司的员工。我们会在使用B2C之前将用户数据导入azure AD。

理想情况下，我们不希望在发送之前附加@ myfirm.com到B2C。

All users are my firm's employees. We will import user data into azure AD before using B2C.

Ideally, we don't want to append @myfirm.com before sending it to B2C.

有什么想法吗？

推荐答案

1。您可以使用Azure AD Graph API在Azure AD B2C目录中使用emailAddress和username作为登录名称类型创建本地帐户。 

1. You can use the Azure AD Graph API to create a local account in the Azure AD B2C directory using emailAddress and username as the sign-in name types. 

https：// docs。 microsoft.com/en-us/azure/active-directory-b2c/configure-ropc

https://docs.microsoft.com/en-us/azure/active-directory-b2c/configure-ropc

2。您还应该能够在范围或登录政策中进行设置：  https://docs.microsoft.com/mt-mt/azure/active-directory-b2c/ropc-custom？view = azps- 1.0.0

2. You should also be able to set this up in the scopes or sign-in policy: https://docs.microsoft.com/mt-mt/azure/active-directory-b2c/ropc-custom?view=azps-1.0.0

3。这个Github示例提供了一些设置示例。  https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/master/scenarios

3. This Github sample has some examples for setting this up. https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/master/scenarios

这篇关于用户名不是使用Azure AD B2C中的资源所有者密码凭据的电子邮件地址的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！