Azure AD B2C Signup - email verification as Step after email and password is entered by user

AV 81 Reputation points
2022-02-28T16:53:24.42+00:00

Hello,

I have a scenario where, as part of the user sign-up, only the email address and password need to be captured in Step 1, and the email verification is done as Step 2. The user should be registered only after completing the email verification step.

We will be using custom HTML for both the steps.

I have seen the custom policy sample that separates the Email Verification and User Registration into 2 separate screens, but what I want to do is split the process with the order of the steps interchanged.

Is this scenario achievable in AAD B2C with user flows or custom policies?

Appreciate any direction on this. Thanks!


Accepted answer
  1. James Hamil 21,466 Reputation points Microsoft Employee
    2022-03-01T19:18:40.607+00:00

    Hi @AV, if I understand correctly, you want the user to register first, and then after they register they will be prompted for email verification? And only after they verify their email can they access the site?

    Yes, this can be done! I assume the sample you're referencing is this one? There are a few ways to do this. If you wanted to use the sample provided you would need to change the orchestration steps. I can detail that if needed, but there is another sample you can use that may be better.

    My colleague Amanpreet details how you can edit that sample to add email verification.

    You need to add the below input and output claims under
    <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail"> available in the TrustFrameworkBase file.

    <InputClaim ClaimTypeReferenceId="email" />  
    <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="Verified.Email" Required="true" />  
    

    Then add the below output claim to your SignupOrSignin.xml (RP file) to get the email address claim in the token to be presented to the application:

    <OutputClaim ClaimTypeReferenceId="email" />  
    

    The full code can be found in the linked thread.

    Please let me know if you have any questions or if I misunderstood your ask. If this answer helped you please mark it as "Verified" so other users can reference it.

    Thank you,
    James
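
A check for the two changes described in the answer above, as an added example that is not part of the original thread or of Microsoft's sample: it parses policy XML and reports whether the sign-up technical profile requires the verified email claim and whether the relying party emits `email`. The function names and the inline policy fragments are constructed for illustration; run the functions on the contents of your own TrustFrameworkBase and SignupOrSignin.xml files.

```python
import xml.etree.ElementTree as ET

# XML namespace of B2C custom policy (TrustFramework) files.
TF = "http://schemas.microsoft.com/online/cpim/schemas/2013/06"
NS = {"tf": TF}

def _email_claims(parent, kind):
    """Return the InputClaim/OutputClaim elements under parent that reference email."""
    return [c for c in parent.findall(f".//tf:{kind}", NS)
            if c.get("ClaimTypeReferenceId") == "email"]

def check_base(xml_text, profile_id="LocalAccountSignUpWithLogonEmail"):
    """List problems with the email claims of the sign-up technical profile."""
    tp = ET.fromstring(xml_text).find(f".//tf:TechnicalProfile[@Id='{profile_id}']", NS)
    if tp is None:
        return [f"technical profile {profile_id} not found"]
    problems = []
    if not _email_claims(tp, "InputClaim"):
        problems.append("missing InputClaim for email")
    verified = [c for c in _email_claims(tp, "OutputClaim")
                if c.get("PartnerClaimType") == "Verified.Email"]
    if not verified:
        problems.append("email OutputClaim lacks PartnerClaimType=Verified.Email")
    elif not any(c.get("Required", "").lower() == "true" for c in verified):
        problems.append("Verified.Email OutputClaim is not Required")
    return problems

def check_rp(xml_text):
    """Report whether the relying party file returns the email claim in the token."""
    rp = ET.fromstring(xml_text).find(".//tf:RelyingParty", NS)
    if rp is None or not _email_claims(rp, "OutputClaim"):
        return ["relying party does not emit the email claim"]
    return []

# Constructed sample fragments (not complete policies).
BASE_OK = f"""<TrustFrameworkPolicy xmlns="{TF}">
 <ClaimsProviders><ClaimsProvider><TechnicalProfiles>
  <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
   <InputClaims><InputClaim ClaimTypeReferenceId="email" /></InputClaims>
   <OutputClaims><OutputClaim ClaimTypeReferenceId="email"
     PartnerClaimType="Verified.Email" Required="true" /></OutputClaims>
  </TechnicalProfile>
 </TechnicalProfiles></ClaimsProvider></ClaimsProviders>
</TrustFrameworkPolicy>"""
RP_OK = f"""<TrustFrameworkPolicy xmlns="{TF}"><RelyingParty>
 <TechnicalProfile Id="PolicyProfile"><OutputClaims>
  <OutputClaim ClaimTypeReferenceId="email" /></OutputClaims>
 </TechnicalProfile></RelyingParty></TrustFrameworkPolicy>"""

if __name__ == "__main__":
    print(check_base(BASE_OK), check_rp(RP_OK))
```

An empty list from both functions means the claims from the answer are present; a policy that passes this check still needs an end-to-end sign-up test, since the check does not inspect orchestration steps.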

