How to enable Azure B2C custom banned password list

Tina 6 Reputation points
2020-06-10T18:02:32.597+00:00

The custom banned password list option is not avaible for our Azure B2C tenant. Please advise how we can enable this feature.

Thanks,

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,458 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Saurabh Sharma 23,786 Reputation points Microsoft Employee
    2020-06-10T23:22:35.003+00:00

    You can use ClaimsTransformations component with LookupValue transformation of B2C custom polices to enable and validate the custom banned password list. If the LookupValue transformation matches up with any one of the InputParameters, then the policy will return a claim with bannedPassword as true else it will return false.

    9737-custom-policy-banned-password.png

    You can find complete implementation in GitHub repository over here.