Share via

Azure Ad B2c PhoneFactor-Verify skip the send screen

Henry Mao 21 Reputation points
2022-06-22T07:27:52.347+00:00

I created an azure ad b2c policy with UserJourney that include an PhoneFactor-Verify step.
I have a TechnicalProfile PhoneFactor-Verify: with ManualPhoneNumberEntryAllowed set to false, so user can NOT change registered phone number. 

 <TechnicalProfile Id="PhoneFactor-Verify">  
          <DisplayName>PhoneFactor</DisplayName>  
          <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.PhoneFactorProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />  
          <Metadata>  
            <Item Key="ContentDefinitionReferenceId">api.phonefactor</Item>  
            <Item Key="ManualPhoneNumberEntryAllowed">false</Item>  
          </Metadata>  
          <CryptographicKeys>  
            <Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer" />  
          </CryptographicKeys>  
          <InputClaimsTransformations>  
            <InputClaimsTransformation ReferenceId="CreateUserIdForMFA" />  
          </InputClaimsTransformations>  
          <InputClaims>  
            <InputClaim ClaimTypeReferenceId="userIdForMFA" PartnerClaimType="userId" />  
            <InputClaim ClaimTypeReferenceId="strongAuthenticationPhoneNumber" />  
          </InputClaims>  
          <OutputClaims>  
            <OutputClaim ClaimTypeReferenceId="Verified.strongAuthenticationPhoneNumber" PartnerClaimType="Verified.OfficePhone" />  
          </OutputClaims>  
          <UseTechnicalProfileForSessionManagement ReferenceId="SM-MFA" />  
        </TechnicalProfile>

when I run it, I got this screen:

213735-image.png

Is there a way to skip this screen and "send code" automatically? and progress to next validation screen?

I assume I can embed a java script snippet to "click" on the "send code" button, but seems it is a hack.
Is there some thing I can do in policy to skip the click of "send code"?

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Community Center | Not monitored
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Henry Mao 21 Reputation points
    2022-06-23T23:10:14.577+00:00

    OK, I just saw this setting: setting.autodial which works fine for me!.

    so my modifed PhoneFactor-Verify is:
    <TechnicalProfile Id="PhoneFactor-Verify">
    <DisplayName>PhoneFactor</DisplayName>
    <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.PhoneFactorProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
    <Metadata>
    <Item Key="ContentDefinitionReferenceId">cd.verify_otp</Item>
    <Item Key="ManualPhoneNumberEntryAllowed">false</Item>
    <Item Key="setting.authenticationMode">sms</Item>
    <Item Key="setting.autodial">true</Item>
    </Metadata>
    <CryptographicKeys>
    <Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer" />
    </CryptographicKeys>
    <InputClaimsTransformations>
    <InputClaimsTransformation ReferenceId="CreateUserIdForMFA" />
    </InputClaimsTransformations>
    <InputClaims>
    <InputClaim ClaimTypeReferenceId="userIdForMFA" PartnerClaimType="UserId" />
    <InputClaim ClaimTypeReferenceId="strongAuthenticationPhoneNumber" />
    </InputClaims>
    <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="Verified.strongAuthenticationPhoneNumber" PartnerClaimType="Verified.OfficePhone" />
    <OutputClaim ClaimTypeReferenceId="newPhoneNumberEntered" PartnerClaimType="newPhoneNumberEntered" />
    </OutputClaims>
    <UseTechnicalProfileForSessionManagement ReferenceId="SM-MFA" />
    </TechnicalProfile>

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.