0

When the user signup on the adb2c, I want him to type his login / password, and not being already connected.

I tried to edit the signin_signup policy but without results

jug
  • 441
  • 4
  • 10

1 Answers1

1

In Custom Policies, you can use a self asserted page to show the user that they have successfully signed up, but not allow them to continue the journey from there. This is sometimes referred to as a "block page" in our samples. Since the user cannot continue the journey, a token will not be issued and a session will not be established.

You can instead use a Custom HTML page to allow the user to return to the home page from here.

The user then needs to login again to get an authenticated session.

The block page is shown to be used here: https://github.com/azure-ad-b2c/samples/blob/4e43fab365e29f002e9e033a4e078bc2091a8494/policies/password-reset-only/policy/TrustFrameworkExtensions.xml#L132

        <TechnicalProfile Id="SelfAsserted-BlockSignUpClaimsIssuance">
          <DisplayName>BlockSignUpClaimsIssuance Page</DisplayName>
          <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
          <Metadata>
            <Item Key="ContentDefinitionReferenceId">api.selfasserted.blockSignUpPage</Item>
            <!--Demo: hide the continue and cancel buttons -->
            <Item Key="setting.showContinueButton">false</Item>
            <Item Key="setting.showCancelButton">false</Item>
          </Metadata>
          <InputClaimsTransformations>
            <InputClaimsTransformation ReferenceId="GenerateAMessage" />
          </InputClaimsTransformations>
          <InputClaims>
             <InputClaim ClaimTypeReferenceId="userMessage" />
          </InputClaims>
          <OutputClaims>
            <!--Demo: Show the paragraph claim with the message to the user -->
            <OutputClaim ClaimTypeReferenceId="userMessage" />
          </OutputClaims>
          <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
        </TechnicalProfile>

Apply a precondition to this step, such that if the newUser claim exists, that this step is not skipped:

        <OrchestrationStep Order="YOUR STEP #" Type="ClaimsExchange">
          <Preconditions>
            <Precondition Type="ClaimsExist" ExecuteActionsIf="false">
              <Value>newUser</Value>
              <Action>SkipThisOrchestrationStep</Action>
            </Precondition>
          </Preconditions>
          <ClaimsExchanges>
            <ClaimsExchange Id="SelfAsserted-BlockSignUpClaimsIssuance" />
          </ClaimsExchanges>
        </OrchestrationStep>
Jas Suri - MSFT
  • 10,605
  • 2
  • 10
  • 20
  • +1 Thanks for this. @JasSuri-MSFT any idea on this: https://stackoverflow.com/questions/66160132/azure-ad-b2c-custom-policy-with-hrd-domain-hints-and-mfa ? – horus Feb 12 '21 at 11:11