How do I remove Identity provider selection buttons from login screen?

Yashwanth Yenugu 116 Reputation points
2020-04-29T09:15:10.043+00:00

This is the ContentDefinition which I've used.

  <ContentDefinition Id="api.signuporsignin">
    <LoadUri>~/tenant/templates/AzureBlue/unified.cshtml</LoadUri>
    <RecoveryUri>~/common/default_page_error.html</RecoveryUri>
    <DataUri>urn:com:microsoft:aad:b2c:elements:unifiedssp:1.1.0</DataUri>
    <Metadata>
      <Item Key="DisplayName">Signin</Item>
      <Item Key="setting.showSignupLink">false</Item>
    </Metadata>
  </ContentDefinition>
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,759 questions
0 comments No comments
{count} votes

Accepted answer
  1. AmanpreetSingh-MSFT 56,501 Reputation points
    2020-04-29T11:46:16.313+00:00

    There is no Metadata item similar to setting.showSignupLink that we can use to hide the IDP selection button. All supported metadata items are listed here: https://learn.microsoft.com/en-us/azure/active-directory-b2c/self-asserted-technical-profile#metadata

    If you comment out ClaimsProviderSelection, e.g. < ClaimsProviderSelection TargetClaimsExchangeId="FacebookExchange" / >, no further orchestration steps will be executed for Facebook.

    What you can do in your case is, create two SignUpOrSignIn Journeys in the TrustFrameworkExtensions file. For example,

    1. Create a user journey for social IDPs in your Extensions file, like < UserJourney Id="SignUpOrSignInSocial" > and copy orchestration steps from SocialAccounts starter pack. You would need to modify the orchestration steps based on the IDPs that you have added to your policies.
    2. Create another user journey for local accounts in your Extensions file, like < UserJourney Id="SignUpOrSignInLocal" > and copy orchestration steps from LocalAccounts starter pack.

    Once this is done, you need to create two RP files with PolicyId="B2C_1A_signup_signin_social" and "B2C_1A_signup_signin_local". Under the < RelyingParty > tag in both file, you need to update the DefaultUserJourney ReferenceId to "SignUpOrSignInSocial" and "SignUpOrSignInLocal" resepctively.

    Now, when you will run the user flow using B2C_1A_signup_signin_local, you will not see any social/federated IDP and with B2C_1A_signup_signin_social, you will only see social IDPs, not the local account signup/signin option. You can then use domain_hint parameter with B2C_1A_signup_signin_social to directly get redirected to the IDP's authentication page and for local users to signup/signin, you can use B2C_1A_signup_signin_local.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept as answer" wherever the information provided helps you to help others in the community.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Gaurang Patel 96 Reputation points
    2020-07-24T08:13:58.257+00:00

    Kind of weird that there is no way to hide external identify provider button. The above mentioned solution is not ideal when you want use with single page application with web API. You need to configure multiple authentication scheme to support validation access token for both social and local account policy, because you can't hide external identify provider links.

    Can we hide through CSS if we are using custom UI?

    0 comments No comments