rbrayb rbrayb
rbrayb
/ SignUpOrSigninSAML.xml
Created
April 25, 2024 21:41
Connecting Azure AD B2C as an SP to Entra ID via SAML
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_signup_signinSAMLMeta" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_signup_signinSAMLMeta" | |
| DeploymentMode="Development" | |
| UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TrustFrameworkExtensionsSAMLMeta</PolicyId> |
rbrayb
/ EntraIDFed.xml
Created
April 23, 2024 21:45
Federating with Azure AD B2C without creating a shadow account
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_signup_signin_EntraIDFed" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_signup_signin_EntraIDFed" | |
| DeploymentMode="Development" | |
| UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TRUSTFRAMEWORKEXTENSIONSMFA</PolicyId> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_Captcha" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_Captcha" DeploymentMode="Development" UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TrustFrameworkExtensions-Captcha</PolicyId> | |
| </BasePolicy> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Feature | B2C | CIAM | |
|---|---|---|---|
| Federation | |||
| Custom OIDC | Yes | No | |
| Entra ID | Yes | Note 1 | |
| Microsoft account | Yes | Note 2 | |
| Social | Lots | Facebook and Google | |
| SAML | Yes - direct | Note 3 | |
| WS-Fed | No | Note 3 | |
| - | - | - | |
| User flows |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Tenant | Creation method | User type | |
|---|---|---|---|
| Entra ID | Invite | Guest | |
| Entra ID | Self service sign up | Guest | |
| Entra External ID (CIAM) | Invite | Guest | |
| Entra External ID (CIAM) | Self service sign up | Member |
rbrayb
/ B2C_1A_DisableSocialAcct_TrustFrameworkExtensions.xml
Created
June 19, 2022 08:43
Fixing one of the Azure AD B2C samples that refers to a disabled federated user.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_Link_Azure" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_Link_Azure"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TRUSTFRAMEWORKEXTENSIONS</PolicyId> | |
| </BasePolicy> | |
rbrayb
/ Guest_SUSI.xml
Created
December 18, 2023 01:51
Logging in with a guest account in Azure AD B2C
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" | |
| PolicySchemaVersion="0.3.0.0" | |
| TenantId="tenant.onmicrosoft.com" | |
| PolicyId="B2C_1A_Guest_SUSI" | |
| PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_Guest_SUSI"> |
rbrayb
/ ClientCredentials-API.xml
Created
December 1, 2023 02:23
Using the client credentials flow inside of Azure AD B2C
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_ClientCred_API" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_ClientCred_API" DeploymentMode="Development" UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TRUSTFRAMEWORKEXTENSIONSMFA</PolicyId> | |
| </BasePolicy> |
rbrayb
/ CreateUser.json
Last active
November 19, 2023 19:38
Reading a user record in Azure AD B2C via a phone number
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "accountEnabled": true, | |
| "displayName": "Read Phone", | |
| "givenName": "Read", | |
| "surname": "Phone", | |
| "mailNickname": "Phone-Read", | |
| "userPrincipalName": "Phone-Read@tenant.onmicrosoft.com", | |
| "passwordProfile": { | |
| "forceChangePasswordNextSignIn": false, | |
| "password": "xWwuiasduidWH-d" |
NewerOlder