I'm looking to customize Azure AD B2C Sign Up Scenario by doing the following :
User press on Reset Password, he put his email address
Link is being sent to his email address
User click on the link
User is being redirected to change password forms
User input password + password again
Any documentation on how to implement this scenario?
You could do this with custom policies.
The link could be a "magic link" as described here.
You could have a new self-asserting technical profile that just asks for an email address. This would then call a REST API that generates the "magic link" and sends the email.
Related
I'm developing an application using react.js. When A user is registering using email and password and the user is getting a verification email in his email. When the user is clicking on the verification link, then a new tab is opened and the verification is completed without any option. But I want that when the user clicks on the verification link some options will come up (for example: yes/no) and Once the verification is complete the user will be taken to that website page.
I have following scenario -
Sign up -
User enters mobile or email,
MFA to mobile or email for verification,
Password is set only if email is used, for mobile signup - no password
Sign in:
User can sign in using email id/password with MFA
or
User can sign in using mobile/code(sent to user mobile)
This requirement is somewhat similar to Azure AD B2C - sign up/in using email OR mobile
Please let me know, how to achieve phone with code instead of password.
We can achieve this with Custom Policies. But Azure AD B2C cannot discern whether the user gave a mobile number or email address.
Create a self asserted page which asks the user for Email or Phone in a single Text field.
Call a validation technical profile (VTP) as part of this self asserted technical profile.
This VTP will be a REST API technical profile which sends the users input to an API.
The API should format the number correctly if its a phone number, eg +4412345678 and send it back with another claim that flags if its an email or phone number.
Based off the flag, use a PreCondition with ClaimEquals, on an Orchestration Step which calls Azure MFA Technical Profile. And pass in the formatted claim phone number as an input claim. The user will then do SMS/Phone call and be logged in.
Create another Orchestration step with a precondition which handles a flag for email. This one will launch a self asserted page with the email as an input claim. The OutputClaim will be Verified.Email, such that the user must do email verification. The user is then logged in.
Have a look at the samples here too:
https://github.com/azure-ad-b2c/samples
I implemented LinkedIn sign in via oauth2.0 to get user profile, name and email
But I have a problem after user enters email and password - the popup from LinkedIn gives a message - "Please enter the following verifier on the app"
Is there a way how to bypass that or where exactly I need to enter the code?
We have a scenario where a user needs to click on a link and a Consent Form in a .pdf format will open. Once the document is opened, the user will be able to sign the form using DocuSign. Upon clicking [Finished] button, the signed form will be uploaded in the system. Is this possible with DocuSign?
P/S: We are not looking into sending to email nor In Person Signing.
Yes, you can use DocuSign embedded Signing, which does not send any email nor is In-Person signing. You can check embedded Signing here, https://docs.docusign.com/esign/guide/usage/embedded_signing.html
Also you can use API (using Polling - Not recommended) or DS Connect to get alert when Signer has completed the signing ceremony, once you know that signer has completed the signing ceremony then you can pull the signed form to your system.
In angularfire seed project, there is an account registration process using email and password. But how can we verify that the email is not fake? I mean it is without server code, just client code.
Store a token in the database send the same token via e-mail to the client ask them to click a link in the e-mail that passes the token back to a page which marks their e-mail as verified.
You can angularjs-fire seed project at this link angularfire_seed_with_reg_confirmation. Some explanation of it here email verification using angularjs+firebase Below is the quote from its readme:
It is AngularJS seed with Firebase backend and a feature for account
registration confirmation via email. This feature can be used as an
alternative for account activation. It is a clone of AngularFire Seed
with additional feature above and also login feature vial social login
ie login with Facebook, Twitter, and Google.
The account registration differs significantly from the original seed.
We can register for an account just by supplying an email and then
we'll get a confirmation email about our temporary random password.
The password is recommended to be changed to a memorable one and at
the same time it must also be strong and secure.