I have registered my application in a B2C tenant. I need to create 2 test users who can't be validated via email as those are dummy. How do I bypass the validation only for these 2 emails and allow access to the application?

Darsana Krishna 20 Reputation points
2023-12-08T10:14:56.7433333+00:00

User 1 and user 2 are dummy users created for testing purposes, but created with an email ID that doesn't exist, so the email validation during login will fail for them. How do I bypass the login validation only for these 2 users without making code changes, using only configuration in the B2C tenant settings? Is it possible to do that? If it's possible, how do I set it?

Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.

Accepted answer
  1. James Hamil 26,986 Reputation points Microsoft Employee
    2023-12-08T21:35:08.5466667+00:00

    Hi @Darsana Krishna, you can achieve this by creating a custom policy that overrides the default sign-up or sign-in policy.

    Here are the high-level steps to achieve this:

    1. Create a custom policy that overrides the default sign-up or sign-in policy.
    2. Modify the custom policy to include a validation technical profile that bypasses email validation for specific users.
    3. Assign the custom policy to your application.

    Here are the detailed steps:

    1. Create a custom policy that overrides the default sign-up or sign-in policy:
      • In the Azure portal, go to your Azure AD B2C tenant.
      • Go to "User flows" and click "New user flow".
      • Select "Custom policy" and click "Create".
      • Give your custom policy a name and click "Create".
      • Download the starter pack for your custom policy and extract it to your local machine.
    2. Modify the custom policy to include a validation technical profile that bypasses email validation for specific users:
      • Open the TrustFrameworkExtensions.xml file in a text editor.
      • Add a validation technical profile that bypasses email validation for specific users. Here is an example:

      <TechnicalProfile Id="BypassEmailVerification">
        <DisplayName>Bypass email verification</DisplayName>
        <Protocol Name="None" />
        <OutputClaims>
          <OutputClaim ClaimTypeReferenceId="objectId" Required="true" />
        </OutputClaims>
        <ValidationTechnicalProfiles>
          <ValidationTechnicalProfile ReferenceId="AAD-UserReadUsingObjectId" />
        </ValidationTechnicalProfiles>
      </TechnicalProfile>
    

    This technical profile reads the user's object ID and validates it against Azure AD. If the validation succeeds, the user is allowed to bypass email verification.

    Add a validation step to your sign-up or sign-in technical profile that calls the validation technical profile you just created. Here is an example:

      <ValidationTechnicalProfiles>
        <ValidationTechnicalProfile ReferenceId="BypassEmailVerification" />
      </ValidationTechnicalProfiles>
    

    This step calls the validation technical profile you just created and allows the user to bypass email verification if the validation succeeds.

    3. Assign the custom policy to your application:
      • Go to your application's registration in the Azure portal.
      • Go to "Authentication" and select your custom policy as the sign-up or sign-in policy.
      • Save the changes.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James
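
A pre-upload check for the two fragments in the answer above, as an added example that is not part of the original answer or any Microsoft tooling: it reports validation references that point at no defined profile and lists every profile that invokes the bypass. The wrapper elements and the `SignUpOrSignIn-Sample` Id are assumptions, the fragments are trimmed to their validation references, and `AAD-UserReadUsingObjectId` is assumed to be defined in another policy file.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the answer's two fragments, trimmed to their validation
# references and wrapped so they parse as one document (wrapper is assumed).
SAMPLE_POLICY = """\
<ClaimsProvider>
  <TechnicalProfiles>
    <TechnicalProfile Id="BypassEmailVerification">
      <ValidationTechnicalProfiles>
        <ValidationTechnicalProfile ReferenceId="AAD-UserReadUsingObjectId" />
      </ValidationTechnicalProfiles>
    </TechnicalProfile>
    <TechnicalProfile Id="SignUpOrSignIn-Sample">
      <ValidationTechnicalProfiles>
        <ValidationTechnicalProfile ReferenceId="BypassEmailVerification" />
      </ValidationTechnicalProfiles>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>
"""


def local(tag):
    """Strip any XML namespace so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]


def validation_refs(xml_text):
    """Map each TechnicalProfile Id to the ReferenceIds it validates with."""
    refs = {}
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) == "TechnicalProfile":
            refs[el.get("Id")] = [
                c.get("ReferenceId") for c in el.iter()
                if local(c.tag) == "ValidationTechnicalProfile"
            ]
    return refs


def unresolved(xml_text, defined_elsewhere=()):
    """Return (profile, reference) pairs whose target is defined nowhere."""
    refs = validation_refs(xml_text)
    known = set(refs) | set(defined_elsewhere)
    return [(p, r) for p, rs in refs.items() for r in rs if r not in known]


def callers_of(xml_text, target):
    """List the profiles that invoke `target` as a validation step."""
    return sorted(p for p, rs in validation_refs(xml_text).items() if target in rs)
```

Running `callers_of` on the full extensions file before upload shows exactly which profiles the bypass is wired into, so a reviewer can confirm it is not reachable from a production journey.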

