How to configure Azure b2c Sign Up and Sign In using only Username with MFA using Email or Phone and Unique Email/Phone and Custom field?

Mepani Arvindkumar Vishram 1 Reputation point
2020-10-20T16:49:41.667+00:00

I am exploring the Azure AD B2C scenario, but the XML policy and its technical terminology look very complex to me.

I am configuring an Azure AD B2C policy for an existing system that is based on username and password. The unique username and unique ID are generated in the existing system.

So, I need to configure Azure AD B2C sign-up and sign-in:

  • Using username only
  • Store EmployeeId in the Azure B2C directory at sign-up, and check that the EmployeeId is unique in the B2C directory
  • MFA using email or phone with a username; users can select either option
  • Password reset with MFA using either email or phone number, based on preference

I am not sure whether this type of custom policy is possible.

Is there any Azure B2C custom policy that has a similar kind of user flow or functionality?

I don't know how to combine validation, the username flow, and MFA with either phone or email, and the same for password reset.

How can we restrict each username to a unique verified email/phone for SSPR?

I am not sure where to start for custom policy.

Any help or suggestion is much appreciated. Thanks in advance.


2 answers

  1. James Hamil 27,101 Reputation points Microsoft Employee
    2020-10-20T22:04:26.433+00:00

    Hi! Yes, this can be done. This thread goes into detail on how to achieve sign-up/sign-in using username and email with a custom policy. There are also workflow examples here. Please let me know if I can clarify anything for you. Hope this helps!

    Best,
    James


  2. Mepani Arvindkumar Vishram 1 Reputation point
    2020-10-21T05:28:44.507+00:00

    Thank you, James, for the response.

    The provided user workflow will not work for the situation below; I think we need to use a custom policy.

    I have referred to that sign-up and sign-in using username policy, but I also need to extend it by:

    • Providing validation check of a unique custom attribute for each user
    • Enable MFA but the user can configure either using Email or Phone
    • Password Reset based on Configured MFA approach
    • Is it possible to enforce a unique Email or PhoneNumber along with a Unique username?

    I am not sure how to combine all the above features using an Azure AD B2C custom policy.
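An added illustration for the first and fourth points of the reply above (unique custom attribute, unique email or phone); this is not code from the thread or from Microsoft. B2C enforces uniqueness on sign-in names, not on extension attributes, so a custom attribute such as EmployeeId is normally checked by a validation technical profile that calls a REST endpoint of your own. The Python below models that endpoint as a pure function. The directory is a constructed in-memory stand-in for a Microsoft Graph lookup, the claim names (`signInNames.userName`, `email`, `strongAuthenticationPhoneNumber`) and the attribute name `extension_EmployeeId` are assumed for this example, and the 200/409 response shape follows the REST technical profile error contract, where a 409 with a `userMessage` stops the journey and shows that text to the user.

```python
import json
import re
from typing import Optional, Tuple

# Constructed in-memory stand-in for the B2C directory. A real endpoint would
# query Microsoft Graph instead; "extension_EmployeeId" is an assumed attribute name.
DIRECTORY = [
    {"objectId": "11111111-0000-0000-0000-000000000001",
     "signInNames.userName": "alice", "email": "alice@example.com",
     "strongAuthenticationPhoneNumber": "+1 555 010 0001",
     "extension_EmployeeId": "E-1001"},
    {"objectId": "11111111-0000-0000-0000-000000000002",
     "signInNames.userName": "bob", "email": "bob@example.com",
     "strongAuthenticationPhoneNumber": "+1 555 010 0002",
     "extension_EmployeeId": "E-1002"},
]


def _norm_text(value: str) -> str:
    # Username, e-mail and EmployeeId are compared case-insensitively after trimming.
    return value.strip().casefold()


def _norm_phone(value: str) -> str:
    # Phone numbers are compared on digits only, so "+1 (555) 010-0001"
    # and "+15550100001" count as the same number.
    return re.sub(r"\D", "", value)


# Claims that must not already belong to another user, with the normaliser
# applied before comparison and the message shown to the user on a collision.
UNIQUE_CLAIMS = {
    "signInNames.userName": (_norm_text, "That username is already taken."),
    "email": (_norm_text, "That e-mail address is already registered to another account."),
    "strongAuthenticationPhoneNumber": (_norm_phone, "That phone number is already registered to another account."),
    "extension_EmployeeId": (_norm_text, "That EmployeeId is already registered."),
}


def find_conflict(claims: dict, directory=DIRECTORY) -> Optional[str]:
    """Return the user message for the first claim that collides with an existing user, else None."""
    for claim, (normalise, message) in UNIQUE_CLAIMS.items():
        value = claims.get(claim)
        if not value:
            continue  # claim not supplied in this step; nothing to compare
        wanted = normalise(str(value))
        for user in directory:
            existing = user.get(claim)
            if existing and normalise(str(existing)) == wanted:
                return message
    return None


def validate_signup(request_body: str) -> Tuple[int, dict]:
    """Handle the JSON body the REST technical profile posts; return (HTTP status, JSON response).

    200 with no output claims lets the journey continue; 409 with "userMessage"
    makes B2C display that text on the sign-up page and stop the journey.
    """
    try:
        claims = json.loads(request_body)
    except json.JSONDecodeError:
        return 400, {"version": "1.0.0", "status": 400, "userMessage": "Malformed request."}
    problem = find_conflict(claims)
    if problem is None:
        return 200, {}
    return 409, {"version": "1.0.0", "status": 409, "userMessage": problem}


if __name__ == "__main__":
    # Constructed sample requests: a clean sign-up, a username collision
    # (different case), and a phone-number collision (different formatting).
    for body in (
        '{"signInNames.userName": "carol", "email": "carol@example.com", "extension_EmployeeId": "E-1003"}',
        '{"signInNames.userName": "Alice", "email": "x@example.com", "extension_EmployeeId": "E-9999"}',
        '{"signInNames.userName": "dave", "strongAuthenticationPhoneNumber": "+1 (555) 010-0002"}',
    ):
        print(validate_signup(body))
```

Normalising before comparison is the part that matters for the "unique email/phone" requirement: without it a user could register the same mailbox or number again with different casing or punctuation, which would defeat the one-verified-contact-per-username goal for SSPR.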
