B2C Admin Custom Flow one time action

Fred Flintstone 21 Reputation points
2020-10-14T16:08:37.377+00:00

We are using azure ad b2c to log in to an application that we created. All is going fine at this time. There is a need to allow an admin user to "override" a setting on the user's session. The flow will be that the user will be working along, get to a point that they need "Admin Override" and they will call the Amin to their work station. That admin will look at the scenario and if they think it is appropriate, they will ask the user to click the override button and the admin will type in their username and password, and select a dropdown to specify the reason for the override which will get sent to a custom api called in the custom flow.

It seems that we can use a custom flow for this. I have 2 questions:

-How do we pop up the custom flow UI that will capture the credentials and data input from the admin?

-How do we keep the user signed in, without the Admin taking over the logged in session. Keep in mind, all of this is taking place on the user's workstation. For this question, it seems that I could create a custom user journey and just leave out the last step where we send the JWT token back.

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,569 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,603 questions
0 comments No comments
{count} votes

Accepted answer
  1. Alfredo Revilla (MSFT) 26,821 Reputation points
    2020-10-14T17:10:12.467+00:00

    You mighty try using a self asserted technical profile to capture the admin credentials and validate them against a rest technical profile that will authenticate them against B2C (or AAD) using ROPC.

    --
    Please let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful