rbrayb rbrayb
rbrayb
/ MailDebug.cs
Created
September 6, 2024 03:09
Using a fake email server to validate OTP codes in Azure AD B2C
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using Microsoft.AspNetCore.Http; | |
| using Microsoft.AspNetCore.Mvc; | |
| using Microsoft.Azure.WebJobs; | |
| using Microsoft.Azure.WebJobs.Extensions.Http; | |
| using Microsoft.Extensions.Logging; | |
| using System; | |
| using System.Net; | |
| using System.Net.Mail; | |
| using System.Threading.Tasks; |
rbrayb
/ SignUpOrSignIn_Create_TOTP.xml
Last active
August 26, 2024 02:47
Using the TOTP MFA method in Azure AD B2C with an authenticator application
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" | |
| TenantId="tenant.onmicrosoft.com" | |
| PolicyId="B2C_1A_Demo_SignUp_SignIn_Create_TOTP" | |
| PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_Demo_SignUp_SignIn_Create_TOTP"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_Demo_TrustFrameworkExtensions_Create_TOTP</PolicyId> | |
| </BasePolicy> |
rbrayb
/ SignUpOrSigninSAML.xml
Created
April 25, 2024 21:41
Connecting Azure AD B2C as an SP to Entra ID via SAML
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_signup_signinSAMLMeta" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_signup_signinSAMLMeta" | |
| DeploymentMode="Development" | |
| UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TrustFrameworkExtensionsSAMLMeta</PolicyId> |
rbrayb
/ EntraIDFed.xml
Created
April 23, 2024 21:45
Federating with Azure AD B2C without creating a shadow account
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_signup_signin_EntraIDFed" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_signup_signin_EntraIDFed" | |
| DeploymentMode="Development" | |
| UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TRUSTFRAMEWORKEXTENSIONSMFA</PolicyId> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_Captcha" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_Captcha" DeploymentMode="Development" UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TrustFrameworkExtensions-Captcha</PolicyId> | |
| </BasePolicy> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Tenant | Creation method | User type | |
|---|---|---|---|
| Entra ID | Invite | Guest | |
| Entra ID | Self service sign up | Guest | |
| Entra External ID (CIAM) | Invite | Guest | |
| Entra External ID (CIAM) | Self service sign up | Member |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Feature | B2C | CIAM | |
|---|---|---|---|
| Federation | |||
| Custom OIDC | Yes | No | |
| Entra ID | Yes | Note 1 | |
| Microsoft account | Yes | Note 2 | |
| Social | Lots | Facebook and Google | |
| SAML | Yes - direct | Note 3 | |
| WS-Fed | No | Note 3 | |
| - | - | - | |
| User flows |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_Link_Azure" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_Link_Azure"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TRUSTFRAMEWORKEXTENSIONS</PolicyId> | |
| </BasePolicy> | |
rbrayb
/ Guest_SUSI.xml
Created
December 18, 2023 01:51
Logging in with a guest account in Azure AD B2C
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" | |
| PolicySchemaVersion="0.3.0.0" | |
| TenantId="tenant.onmicrosoft.com" | |
| PolicyId="B2C_1A_Guest_SUSI" | |
| PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_Guest_SUSI"> |
rbrayb
/ ClientCredentials-API.xml
Created
December 1, 2023 02:23
Using the client credentials flow inside of Azure AD B2C
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | |
| <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:xsd="http://www.w3.org/2001/XMLSchema" | |
| xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="tenant.onmicrosoft.com" PolicyId="B2C_1A_ClientCred_API" PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_ClientCred_API" DeploymentMode="Development" UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights"> | |
| <BasePolicy> | |
| <TenantId>tenant.onmicrosoft.com</TenantId> | |
| <PolicyId>B2C_1A_TRUSTFRAMEWORKEXTENSIONSMFA</PolicyId> | |
| </BasePolicy> |
NewerOlder