Azure B2C custom Sign In journey - Capture email first

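I have a custom user journey with the following requirements:

  1. Capture the user's email
  2. Check the IdP associated with that email in B2C
  3. Relay to the IdP sign-in page

I can capture the email address, but it only works for local accounts, not for Azure AD or social logins.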

You are looking for an HRD (Home Realm Discovery) solution. Use this sample as a starting point for building your scenario.

A B2C IEF Custom Policy - A Sign In policy with Home Realm Discovery and a Default Identity Provider

This is for scenarios where you need to implement a sign-in journey in which the user is automatically directed to their federated identity provider based on their email domain. Users who arrive with an unknown domain are redirected to a default identity provider.

In this example, users who enter an email with the suffix contoso.com are redirected directly to their federated identity provider to sign in. In this case that is Azure AD (SAML2).

Users who enter an email with the suffix facebook.com are redirected directly to their federated identity provider to sign in. In this case that is Facebook (OAuth).

Where a user comes from an unknown email suffix, they are redirected directly to a default identity provider, in this case Azure AD (OpenId).
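The routing described above can be sketched as a custom policy fragment; this is an added example, not the policy from the linked sample. The claim names (`signInName`, `emailDomain`, `hrdIdp`), the lookup values, the step order and the technical profile ids are hypothetical, and it assumes both transformations run as output claims transformations of the step that collects the email. The Facebook step is omitted because it repeats the first step with the value `facebook`.

```xml
<!-- Added example: claim names, lookup values, step order and profile ids are hypothetical -->
<ClaimsTransformations>
  <!-- user@contoso.com -> contoso.com -->
  <ClaimsTransformation Id="ParseDomainFromEmail" TransformationMethod="ParseDomain">
    <InputClaims>
      <InputClaim ClaimTypeReferenceId="signInName" TransformationClaimType="emailAddress" />
    </InputClaims>
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="emailDomain" TransformationClaimType="domain" />
    </OutputClaims>
  </ClaimsTransformation>
  <!-- Known suffix -> IdP key; with errorOnFailedLookup=false an unknown suffix does not fail the journey -->
  <ClaimsTransformation Id="LookupIdpForDomain" TransformationMethod="LookupValue">
    <InputClaims>
      <InputClaim ClaimTypeReferenceId="emailDomain" TransformationClaimType="inputParameterId" />
    </InputClaims>
    <InputParameters>
      <InputParameter Id="contoso.com" DataType="string" Value="aad-saml" />
      <InputParameter Id="facebook.com" DataType="string" Value="facebook" />
      <InputParameter Id="errorOnFailedLookup" DataType="boolean" Value="false" />
    </InputParameters>
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="hrdIdp" TransformationClaimType="outputClaim" />
    </OutputClaims>
  </ClaimsTransformation>
</ClaimsTransformations>
<!-- Federated step: skipped unless hrdIdp equals this IdP's key -->
<OrchestrationStep Order="2" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimEquals" ExecuteActionsIf="false">
      <Value>hrdIdp</Value>
      <Value>aad-saml</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="ContosoSamlExchange" TechnicalProfileReferenceId="Contoso-SAML2" />
  </ClaimsExchanges>
</OrchestrationStep>
<!-- Default step: skipped when the lookup matched a specific IdP (assumes hrdIdp stays unset otherwise) -->
<OrchestrationStep Order="4" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>hrdIdp</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="DefaultAadExchange" TechnicalProfileReferenceId="AAD-OpenIdConnect-Default" />
  </ClaimsExchanges>
</OrchestrationStep>
```

The typed address only selects which identity provider the user is sent to; the account is still established from the claims that provider returns after sign-in, so the email entered on the first screen should not be treated as a verified identity.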