To send SMS authentication to a specific number in a custom policy Azure B2C, you can use the PhoneFactor technical profile. This technical profile sends an SMS message to the phone number specified in the input claim. You can use this technical profile in your custom policy to send an SMS message to a specific phone number.
Here's an example of how to use the PhoneFactor technical profile in your custom policy:
<TechnicalProfile Id="PhoneFactor-SendCode">
<DisplayName>Send code using PhoneFactor</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.PhoneFactorProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="Content-Type">application/json</Item>
<Item Key="IncludeClaimResolvingInClaimsHandling">true</Item>
<Item Key="IpAddressClaimReferenceId">IpAddress</Item>
<Item Key="language.button_continue">Continue</Item>
<Item Key="language.button_cancel">Cancel</Item>
<Item Key="language.phonefactor_instructions">Enter the code you received on your phone.</Item>
<Item Key="language.phonefactor_sendcode_retry">Resend code</Item>
<Item Key="language.phonefactor_sendcode">Send code</Item>
<Item Key="language.phonefactor_entercode">Enter code</Item>
<Item Key="language.phonefactor_verifycode">Verify code</Item>
<Item Key="language.phonefactor_resendcode">Resend code</Item>
<Item Key="language.phonefactor_sendcode_wait">Please wait...</Item>
</Metadata>
<InputClaims>
<InputClaim ClaimTypeReferenceId="phoneNumber" />
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="verificationCode" />
</OutputClaims>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
</TechnicalProfile>
In this example, the phoneNumber
claim is used as the input claim to the PhoneFactor technical profile. The verificationCode
claim is used as the output claim to store the verification code sent to the phone number.
To use this technical profile in your custom policy, you can add a validation technical profile that references the PhoneFactor technical profile:
<TechnicalProfile Id="PhoneFactor-Validation">
<DisplayName>PhoneFactor Validation</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.PhoneFactorProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="Content-Type">application/json</Item>
<Item Key="IncludeClaimResolvingInClaimsHandling">true</Item>
<Item Key="IpAddressClaimReferenceId">IpAddress</Item>
<Item Key="language.button_continue">Continue</Item>
<Item Key="language.button_cancel">Cancel</Item>
<Item Key="language.phonefactor_instructions">Enter the code you received on your phone.</Item>
<Item Key="language.phonefactor_sendcode_retry">Resend code</Item>
<Item Key="language.phonefactor_sendcode">Send code</Item>
<Item Key="language.phonefactor_entercode">Enter code</Item>
<Item Key="language.phonefactor_verifycode">Verify code</Item>
<Item Key="language.phonefactor_resendcode">Resend code</Item>
<Item Key="language.phonefactor_sendcode_wait">Please wait...</Item>
</Metadata>
<InputClaims>
<InputClaim ClaimTypeReferenceId="phoneNumber" />
<InputClaim ClaimTypeReferenceId="verificationCode" />
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="localAccountAuthentication" />
</OutputClaims>
<ValidationTechnicalProfiles>
<ValidationTechnicalProfile ReferenceId="login-NonInteractive" />
</ValidationTechnicalProfiles>
</TechnicalProfile>
In this example, the phoneNumber
and verificationCode
claims are used as input claims to the PhoneFactor validation technical profile. The objectId
claim is used as the output claim to store the object ID of the user. The authenticationSource
claim is used as the output claim to indicate that the user was authenticated using phone factor authentication.
If the suggestion doesn't solve your problem. Can you please share your custom policy so that the community can help you? Thanks.
References:
AI Note: This comment is generated using the Microsoft Q&A AI Assist tool.