
I need some advice on customizing Azure B2C (Apple identity provider)

Is there a way to disable the sign-up of a SignUpAndSignIn policy for a specific IdP, in this case Apple?

I checked the post "Azure B2C disable Sign up of a SignUpAndSignIn policy", but it is about local sign-up, not a social provider.

luisro

2 Answers


You can do it only in custom policies. They are divided into steps (OrchestrationStep) which can be run under specified conditions (Precondition). One of those conditions can be the identity provider selected. In your case it would mean configuring the step which writes a new external IdP user to the directory to be skipped when a particular provider is detected. Something similar to this:

<OrchestrationStep Order="7" Type="ClaimsExchange">
    <Preconditions>
        <!-- Skip the directory write when the user signed in with Apple -->
        <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
            <Value>identityProvider</Value>
            <Value>https://appleid.apple.com</Value>
            <Action>SkipThisOrchestrationStep</Action>
        </Precondition>
    </Preconditions>
    <ClaimsExchanges>
        <ClaimsExchange Id="AADUserWrite" TechnicalProfileReferenceId="AAD-UserWriteUsingAlternativeSecurityId" />
    </ClaimsExchanges>
</OrchestrationStep>

However, this just stops the sign-up from happening. Some error handling, UX, etc. would have to be added as well.

wojtekdo
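A way to check a custom policy file for the precondition described in the answer above, as an added example that is not part of the original answer: it lists every orchestration step that would still write a directory user for a given identity provider. The function names and the sample journey are constructed for illustration; the element names, the issuer value and the technical profile ID are the ones shown in the answer.

```python
import xml.etree.ElementTree as ET

APPLE_ISSUER = "https://appleid.apple.com"  # identityProvider value from the answer
WRITE_PROFILE = "AAD-UserWriteUsingAlternativeSecurityId"

# Constructed sample journey (not a real policy file).
SAMPLE = """
<UserJourney Id="SignUpOrSignIn">
  <OrchestrationSteps>
    <OrchestrationStep Order="7" Type="ClaimsExchange">
      <Preconditions>
        <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
          <Value>identityProvider</Value>
          <Value>https://appleid.apple.com</Value>
          <Action>SkipThisOrchestrationStep</Action>
        </Precondition>
      </Preconditions>
      <ClaimsExchanges>
        <ClaimsExchange Id="AADUserWrite" TechnicalProfileReferenceId="AAD-UserWriteUsingAlternativeSecurityId" />
      </ClaimsExchanges>
    </OrchestrationStep>
  </OrchestrationSteps>
</UserJourney>
"""

def named(elem, name):
    """Descendants with this local tag name; ignores any XML namespace prefix."""
    return [e for e in elem.iter() if e.tag.rsplit("}", 1)[-1] == name]

def texts(elem, name):
    """Stripped text of every descendant with this tag name, in document order."""
    return [(e.text or "").strip() for e in named(elem, name)]

def skips_for(step, issuer):
    """True if a ClaimEquals precondition skips the step for this identityProvider."""
    return any(
        pre.get("Type") == "ClaimEquals"
        and pre.get("ExecuteActionsIf", "").lower() == "true"
        and texts(pre, "Value") == ["identityProvider", issuer]
        and texts(pre, "Action") == ["SkipThisOrchestrationStep"]
        for pre in named(step, "Precondition"))

def unguarded_write_steps(policy_xml, issuer=APPLE_ISSUER):
    """Order numbers of steps that would still write a directory user for `issuer`."""
    return [step.get("Order")
            for step in named(ET.fromstring(policy_xml), "OrchestrationStep")
            if any(ex.get("TechnicalProfileReferenceId") == WRITE_PROFILE
                   for ex in named(step, "ClaimsExchange"))
            and not skips_for(step, issuer)]
```

An empty list for `unguarded_write_steps(SAMPLE)` means every write step is skipped for Apple; any order number returned is a step where sign-up through that provider would still create an account.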

Thank you very much for your time.

I'm receiving the following window; we don't want to see the following prompt.

enter image description here

We want to use our Apple ID and jump to the app (see image below)

enter image description here

luisro
  • If we're talking about custom policies - you need to remove the OrchestrationStep which runs the SelfAsserted-Social technical profile, which is responsible for gathering this additional data from the user. – wojtekdo Jun 22 '21 at 08:14