How to add link to switch MFA Azure AD B2C custom policy

Question

How to add link to switch MFA Azure AD B2C custom policy

1. Link to change to other MFA option.

Answer 1

Hello @John Walter , to choose a MFA method during a user journey is doable trough Custom Policies. The easiest way would be to pass the prefered MFA method selector as a query param (Eg. ?mfaMethod=phone) so it can be read using OAuth2 key-value parameters and assigned to a claim type. Depending on the claim type you would choose the proper orchestration step. A default method (Eg. email) would be hard coded in case the param is not provided. Depending on the method chosen a link would be added using UI customization and JavaScript.

Take a look to https://github.com/azure-ad-b2c/samples/tree/master/policies/mfa-email-or-phone for a sample of orchestration step for different MFA method. Instead of the extension_mfaByPhoneOrEmail claim, you would use a custom one (Eg. mfaMethod) sources from the previously proposed query/Oauth2 key-value param.

Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.

Answer 2

Thanks for replying @Alfredo Revilla (MSFT) .

These are the task which I need to do

1. If user select one of the MFA then it will save in user profile and next time login user will automatically redirected to previously selected MFA [Working fine].
2. If user is on email/phone MFA then want to change MFA option(Eg. If user's default MFA is email the it will automatically redirected to email MFA but user can switch to phone MFA from that screen) [Pending]