Get Country code and mobile number from Azure ADB2C MFA number used to get OTP separately in token claim using Custom Policy

Vaibhav Chaudhary 0 Reputation points
2024-06-03T19:12:48.7666667+00:00

I am using an Azure AD B2C custom policy.

I need to get the country code and mobile number from the Azure AD B2C MFA number used to get the OTP separately in the token claim. I can get them as a single unit, e.g. (+91345234223), but I want this as (+91 345234223) with a space or any other separator, or even with the country code returned in one claim and the number in another claim.

I tried getting MFA number as (+91 345234223) but got (+91345234223).

  1. James Hamil 25,636 Reputation points Microsoft Employee
    2024-06-06T20:03:08.66+00:00

    Hi @Vaibhav Chaudhary, to get the country code and mobile number separately from the Azure AD B2C MFA number, you can use the GetNationalNumberAndCountryCodeFromPhoneNumberString claims transformation in your custom policy. This claims transformation extracts the country/region code and the national number from the input claim, and optionally throws an exception if the supplied phone number isn't valid.

    Here's an example of how you can use this claims transformation in your custom policy:

    1. Define the phoneNumber claim in your ClaimsSchema section:
    <ClaimType Id="phoneNumber">
      <DisplayName>Phone Number</DisplayName>
      <DataType>string</DataType>
      <UserHelpText>Enter your phone number.</UserHelpText>
      <!-- TextBox is a valid UserInputType value; the schema has no "PhoneNumber" input type -->
      <UserInputType>TextBox</UserInputType>
      <Restriction>
        <Pattern RegularExpression="^\+(?:[0-9] ?){6,14}[0-9]$"/>
      </Restriction>
    </ClaimType>
    
    2. Define the countryCode and nationalNumber claims in your ClaimsSchema section:
    <ClaimType Id="countryCode">
      <DisplayName>Country Code</DisplayName>
      <DataType>string</DataType>
    </ClaimType>
    
    <ClaimType Id="nationalNumber">
      <DisplayName>National Number</DisplayName>
      <DataType>string</DataType>
    </ClaimType>
    
    3. Define the GetNationalNumberAndCountryCodeFromPhoneNumberString claims transformation in your ClaimsTransformations section:
    <ClaimsTransformation Id="GetNationalNumberAndCountryCodeFromPhoneNumberString" TransformationMethod="GetNationalNumberAndCountryCodeFromPhoneNumberString">
      <!-- TransformationClaimType must use the names this method defines:
           phoneNumber (input), countryCode and nationalNumber (outputs) -->
      <InputClaims>
        <InputClaim ClaimTypeReferenceId="phoneNumber" TransformationClaimType="phoneNumber" />
      </InputClaims>
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="countryCode" TransformationClaimType="countryCode" />
        <OutputClaim ClaimTypeReferenceId="nationalNumber" TransformationClaimType="nationalNumber" />
      </OutputClaims>
    </ClaimsTransformation>
    
    4. Use the GetNationalNumberAndCountryCodeFromPhoneNumberString claims transformation in your TechnicalProfile to get the countryCode and nationalNumber claims:
    <TechnicalProfile Id="PhoneFactor-InputOrVerify">
      <DisplayName>PhoneFactor</DisplayName>
      <!-- Handler name as used by the phone factor technical profile in the Azure AD B2C starter pack -->
      <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.PhoneFactorProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      <Metadata>
        <Item Key="ContentDefinitionReferenceId">api.phonefactor</Item>
        <Item Key="ManualPhoneNumberEntryAllowed">true</Item>
        <Item Key="setting.authenticationMode">sms</Item>
        <Item Key="setting.pinRequired">false</Item>
        <Item Key="setting.timeoutSeconds">120</Item>
        <Item Key="setting.retryLimit">0</Item>
        <Item Key="setting.retryInterval">60</Item>
      </Metadata>
      <InputClaimsTransformations>
        <InputClaimsTransformation ReferenceId="GetNationalNumberAndCountryCodeFromPhoneNumberString" />
      </InputClaimsTransformations>
      <InputClaims>
        <InputClaim ClaimTypeReferenceId="countryCode" />
        <InputClaim ClaimTypeReferenceId="nationalNumber" />
      </InputClaims>
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="Verified.strongAuthenticationPhoneNumber" />
        <OutputClaim ClaimTypeReferenceId="phoneFactorVerificationCode" />
        <OutputClaim ClaimTypeReferenceId="phoneFactorSelectedMethod" />
      </OutputClaims>
      <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
    </TechnicalProfile>
    

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James
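
An added example, not part of the answer above or of Microsoft's own policy files: one way to get the two values into the token is to run the transformation as an output claims transformation on the verified MFA number and then list both claims in the relying party. It assumes the starter-pack claim Verified.strongAuthenticationPhoneNumber and the countryCode and nationalNumber claim types defined in the answer; the Id SplitVerifiedMfaPhoneNumber is hypothetical.

```xml
<!-- Extensions policy, ClaimsTransformations section.
     SplitVerifiedMfaPhoneNumber is a hypothetical Id chosen for this example. -->
<ClaimsTransformation Id="SplitVerifiedMfaPhoneNumber" TransformationMethod="GetNationalNumberAndCountryCodeFromPhoneNumberString">
  <InputClaims>
    <!-- The number the user actually verified during MFA, in international format -->
    <InputClaim ClaimTypeReferenceId="Verified.strongAuthenticationPhoneNumber" TransformationClaimType="phoneNumber" />
  </InputClaims>
  <InputParameters>
    <!-- false: an unparsable number leaves the output claims empty instead of failing the journey -->
    <InputParameter Id="throwExceptionOnFailure" DataType="boolean" Value="false" />
    <!-- CallingCode returns the dialling prefix; ISO3166 would return the two-letter country code -->
    <InputParameter Id="countryCodeType" DataType="string" Value="CallingCode" />
  </InputParameters>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="nationalNumber" TransformationClaimType="nationalNumber" />
    <OutputClaim ClaimTypeReferenceId="countryCode" TransformationClaimType="countryCode" />
  </OutputClaims>
</ClaimsTransformation>

<!-- Extensions policy, ClaimsProviders section: override of the base technical profile
     so the split runs after the phone number has been verified. -->
<ClaimsProvider>
  <DisplayName>PhoneFactor</DisplayName>
  <TechnicalProfiles>
    <TechnicalProfile Id="PhoneFactor-InputOrVerify">
      <OutputClaimsTransformations>
        <OutputClaimsTransformation ReferenceId="SplitVerifiedMfaPhoneNumber" />
      </OutputClaimsTransformations>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>

<!-- Relying party policy: add these two lines to the existing OutputClaims of the
     relying party technical profile. The token is readable by the client application,
     so emit the phone parts only to applications that need them. -->
<OutputClaim ClaimTypeReferenceId="countryCode" />
<OutputClaim ClaimTypeReferenceId="nationalNumber" />
```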
