I implemented LinkedIn sign in via oauth2.0 to get user profile, name and email
But I have a problem after user enters email and password - the popup from LinkedIn gives a message - "Please enter the following verifier on the app"
Is there a way how to bypass that or where exactly I need to enter the code?
Related
I'm developing an application using react.js. When A user is registering using email and password and the user is getting a verification email in his email. When the user is clicking on the verification link, then a new tab is opened and the verification is completed without any option. But I want that when the user clicks on the verification link some options will come up (for example: yes/no) and Once the verification is complete the user will be taken to that website page.
User is landed into Reset password screen.
User configured his application password through Azure B2C reset password userflow.
Application page is redirected and user is again asked to provide credentials
Our requirement is - User should land into the Application Dashboard/Home page directly after password is reset through reset password userflow.
I reproduce the issue and it is working fine for me. Please use the below setup for creating Password Reset UserFlow as I have done.
Step 1: Selected “Reset Password using email address” under local account.
Step 2: Did Application claim.
Step 3: Gave access token and id token for authentication for the application.
I have recorded my output in this GIF. Please check out this.
I have following scenario -
Sign up -
User enters mobile or email,
MFA to mobile or email for verification,
Password is set only if email is used, for mobile signup - no password
Sign in:
User can sign in using email id/password with MFA
or
User can sign in using mobile/code(sent to user mobile)
This requirement is somewhat similar to Azure AD B2C - sign up/in using email OR mobile
Please let me know, how to achieve phone with code instead of password.
We can achieve this with Custom Policies. But Azure AD B2C cannot discern whether the user gave a mobile number or email address.
Create a self asserted page which asks the user for Email or Phone in a single Text field.
Call a validation technical profile (VTP) as part of this self asserted technical profile.
This VTP will be a REST API technical profile which sends the users input to an API.
The API should format the number correctly if its a phone number, eg +4412345678 and send it back with another claim that flags if its an email or phone number.
Based off the flag, use a PreCondition with ClaimEquals, on an Orchestration Step which calls Azure MFA Technical Profile. And pass in the formatted claim phone number as an input claim. The user will then do SMS/Phone call and be logged in.
Create another Orchestration step with a precondition which handles a flag for email. This one will launch a self asserted page with the email as an input claim. The OutputClaim will be Verified.Email, such that the user must do email verification. The user is then logged in.
Have a look at the samples here too:
https://github.com/azure-ad-b2c/samples
I'm looking to customize Azure AD B2C Sign Up Scenario by doing the following :
User press on Reset Password, he put his email address
Link is being sent to his email address
User click on the link
User is being redirected to change password forms
User input password + password again
Any documentation on how to implement this scenario?
You could do this with custom policies.
The link could be a "magic link" as described here.
You could have a new self-asserting technical profile that just asks for an email address. This would then call a REST API that generates the "magic link" and sends the email.
In angularfire seed project, there is an account registration process using email and password. But how can we verify that the email is not fake? I mean it is without server code, just client code.
Store a token in the database send the same token via e-mail to the client ask them to click a link in the e-mail that passes the token back to a page which marks their e-mail as verified.
You can angularjs-fire seed project at this link angularfire_seed_with_reg_confirmation. Some explanation of it here email verification using angularjs+firebase Below is the quote from its readme:
It is AngularJS seed with Firebase backend and a feature for account
registration confirmation via email. This feature can be used as an
alternative for account activation. It is a clone of AngularFire Seed
with additional feature above and also login feature vial social login
ie login with Facebook, Twitter, and Google.
The account registration differs significantly from the original seed.
We can register for an account just by supplying an email and then
we'll get a confirmation email about our temporary random password.
The password is recommended to be changed to a memorable one and at
the same time it must also be strong and secure.