Azure Ad b2c:在azure ad b2c中成功登录后,获取声明中的电子邮件 [英] Azure Ad b2c: Get email in Claims after successfully Signin in azure ad b2c
问题描述
我正在使用带有 SocialAndLocalAccounts 包的自定义策略入门包.
I am using starter pack of custom polices with SocialAndLocalAccounts pack.
对我来说很好.
但是我面临一个问题.成功登录后,我需要索取电子邮件作为声明. 我已经收到电子邮件声明,一旦用户已注册并立即重定向回应用程序.
But I am facing one issue.I need to get email as claim after successfully login. I am getting email as claim, once user has been been signed-up and redirects back immediately to application.
但是当用户只是登录时我没有得到它.
but I am not getting it when a user simply signs-in.
我该怎么办? 要在声明中获取电子邮件的价值,我需要在哪里写输出声明?
How can I get that? where do I need to write an Output Claim to get the value of email in claim?
请帮助我. 谢谢
推荐答案
以下内容描述了如何保存,加载并随后从 others 发出 otherMails 声明作为 emails 的声明.注册/登录和密码重置策略.
Following describes how you can save, load, and then issue the otherMails claim as emails from the sign-up/sign-in and password reset policies.
编写本地帐户时:您必须使用 CreateOtherMailsFromEmail 声明转换从 email 声明中创建 otherMails 声明,然后保留< AAD-UserWriteUsingLogonEmail 技术资料中的strong> otherMails 声明:
When writing a local account: You must create the otherMails claim from the email claim using the CreateOtherMailsFromEmail claims transformation and then persist the otherMails claim in the AAD-UserWriteUsingLogonEmail technical profile:
<TechnicalProfile Id="AAD-UserWriteUsingLogonEmail">
...
<IncludeInSso>false</IncludeInSso>
<InputClaimsTransformations>
<InputClaimsTransformation ReferenceId="CreateOtherMailsFromEmail" />
</InputClaimsTransformations>
<InputClaims>
...
</InputClaims>
<PersistedClaims>
...
<PersistedClaim ClaimTypeReferenceId="otherMails" />
</PersistedClaims>
<OutputClaims>
...
<OutputClaim ClaimTypeReferenceId="otherMails" />
</OutputClaims>
...
</TechnicalProfile>
然后,您必须从 LocalAccountSignUpWithLogonEmail 技术资料中传递 otherMails 声明,该技术资料被调用来注册本地帐户:
You must then pass the otherMails claim out from the LocalAccountSignUpWithLogonEmail technical profile that is invoked to register a local account:
<TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
...
<OutputClaims>
...
<OutputClaim ClaimTypeReferenceId="otherMails" />
</OutputClaims>
</TechnicalProfile>
编写社交帐户时:已从 email 声明中创建了 otherMails 声明,然后将其保留在 AAD-UserWriteUsingAlternativeSecurityId 技术资料中
When writing a social account: The otherMails claim is already created from the email claim and then persisted in the AAD-UserWriteUsingAlternativeSecurityId technical profile.
然后您必须从 SelfAsserted-Social 技术资料中传递 otherMails 声明,该资料被调用来注册社交帐户:
You must then pass the otherMails claim out from the SelfAsserted-Social technical profile that is invoked to register a social account:
<TechnicalProfile Id="SelfAsserted-Social">
...
<OutputClaims>
...
<OutputClaim ClaimTypeReferenceId="otherMails" />
</OutputClaims>
</TechnicalProfile>
读取本地或社交帐户时: otherMails 声明已在 AAD-UserReadUsingObjectId , AAD-UserReadUsingEmailAddress 和 AAD-UserReadUsingAlternativeSecurityId 技术资料.
When reading a local or social account: The otherMails claim is already read in the AAD-UserReadUsingObjectId, AAD-UserReadUsingEmailAddress, and AAD-UserReadUsingAlternativeSecurityId technical profiles.
然后,您必须从 LocalAccountDiscoveryUsingEmailAddress 技术资料中传递 otherMails 声明,该资料将被调用以恢复本地密码:
You must then pass the otherMails claim out from the LocalAccountDiscoveryUsingEmailAddress technical profile that is invoked to recover a local password:
<TechnicalProfile Id="LocalAccountDiscoveryUsingEmailAddress">
...
<OutputClaims>
...
<OutputClaim ClaimTypeReferenceId="otherMails" />
</OutputClaims>
</TechnicalProfile>
要通过注册/登录和密码重置策略将 otherMails 声明为 email ,请执行以下操作:您必须添加 otherMails 声称是<OutputClaim />
依赖方政策:
To issue the otherMails claim as emails from the sign-up/sign-in and password reset policies: You must add the otherMails claim as <OutputClaim />
to the relying party policies:
<RelyingParty>
...
<TechnicalProfile Id="PolicyProfile">
<OutputClaims>
...
<OutputClaim ClaimTypeReferenceId="otherMails" PartnerClaimType="emails" />
</OutputClaims>
</TechnicalProfile>
</RelyingParty>
这篇关于Azure Ad b2c:在azure ad b2c中成功登录后,获取声明中的电子邮件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!