问题描述
中国区Azure B2C 是否支持手机验证码登录呢?
问题回答
在没有原生 Phone sign-up and sign-in for user flows (中国区不支持,Global Azure支持) 的情况下,可以使用B2C自定义策略实现 Phone sign-up and sign-in,测试步骤如下:
步骤一:在AAD B2C tenant中, 首先需要创建两个应用程序和Policy Keys。参考教程: 创建用户流和自定义策略 - Azure Active Directory B2C(https://docs.azure.cn/zh-cn/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy)
步骤二:下载 Phone_Email_Base.xml(Link:https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/blob/main/scenarios/phone-number-passwordless/Phone_Email_Base.xml),修改其中的 disclaimer_link_1_url, disclaimer_link_1_url, disclaimer_link_2_url
PS: 参照文档说明(Instructions)更改相应参数,修改完成后使用 Upload custom policy 进行上传
步骤三:下载 SignUpOrSignInWithPhone.xml(Link:https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/blob/main/scenarios/phone-number-passwordless/SignUpOrSignInWithPhone.xml),修改其中的 Tenant id,修改完成后使用Upload custom policy进行上传
如无法打开Github,可以从文末附录中下载。
最后:点击Run now进行测试
手机访问页面效果为:
附录一:Phone_Email_Base.xml
View Code
附录二:SignUpOrSignInWithPhone.xml
<TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="yourtenant.onmicrosoft.com" PolicyId="B2C_1A_SignUpOrSignInWithPhone" PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_SignUpOrSignInWithPhone" > <BasePolicy> <TenantId>yourtenant.onmicrosoft.com</TenantId> <PolicyId>B2C_1A_Phone_Email_Base</PolicyId> </BasePolicy> <RelyingParty> <DefaultUserJourney ReferenceId="SignUpOrSignInWithPhone" /> <TechnicalProfile Id="PolicyProfile"> <DisplayName>PolicyProfile</DisplayName> <Protocol Name="OpenIdConnect" /> <OutputClaims> <OutputClaim ClaimTypeReferenceId="displayName" /> <OutputClaim ClaimTypeReferenceId="givenName" /> <OutputClaim ClaimTypeReferenceId="surname" /> <OutputClaim ClaimTypeReferenceId="signInNames.phoneNumber" /> <OutputClaim ClaimTypeReferenceId="strongAuthenticationEmailAddress" /> <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" /> <OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" /> </OutputClaims> <SubjectNamingInfo ClaimType="sub" /> </TechnicalProfile> </RelyingParty> </TrustFrameworkPolicy>