Scribd Logo
Upload

Welcome to Scribd!

  • BRK3054 DemoTimings

    Uploaded by

    Marius Mag
    26 views12 pages
    sdwe

    Original Title

    BRK3054_DemoTimings

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    sdwe

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    26 views12 pages

    BRK3054 DemoTimings

    Uploaded by

    Marius Mag
    sdwe

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    “Our mission is to empower every person

    and every organization on the planet to


    achieve more.”

    B2C + 1 Refresher
    Features

    POD Azure Developer Scenarios

    © 2018 Microsoft Corporation. All rights reserved. Last modified: April 27, 2018

    Microsoft Proprietary and Confidential Information

    This training package content is proprietary and confidential, and is intended only for users described in the training materials. Some elements of this document are subject to
    change. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

    This content and information is provided to you under a Non-Disclosure Agreement and cannot be distributed. Copying or disclosing all or any portion of the content and/or
    information included in this package is strictly prohibited. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under
    copyright, no part of this document may be reproduced, stored in, or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical,
    photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

    Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly
    provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other
    intellectual property.

    The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any
    real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.

    The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

    Microsoft and the Microsoft products and services listed are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
    B2C + 1 Refresher Features

    Table of contents
    Usage Reporting APIs ....................................................................................................................................................................... 1
    Skip Email Verification ...................................................................................................................................................................... 3
    Scenario 1 ....................................................................................................................................................................................... 3
    Scenario 2 ....................................................................................................................................................................................... 7
    Resources............................................................................................................................................................................................ 10

    Microsoft Proprietary and Confidential Information


    B2C + 1 Refresher Features

    Usage Reporting APIs


    Note: No POD Azure Developer Scenarios here

    The PowerShell script is based on the Reporting API which itself is based on Azure AD graph. Today it uses
    the https://graph.windows.net endpoint.

    This endpoint is in public preview and may not get GA.

    The direction is to move towards Microsoft Graph from the current Azure AD Graph. So, this feature might
    undergo a corresponding change.

    Who will support it


    In Preview this will be supported by “DS Azure ADSI” team. There are engineers who are supporting Azure
    AD Graph and will be supporting this feature in Public Preview.

    POD Azure Developer Training


    POD Azure Dev engineers need to isolate that it’s a Graph call. To do so they need to look at the request
    header. Which could be found in following two ways:

    1. Look at the actual code, look for the actual request being formed and look at the Header parameter
    being passed. Example below:

    Invoke-WebRequest -Headers $headerParams -Uri

    https://graph.windows.net/$tenantdomain/reports/tenantUserCount?api-version=beta

    2. If the application source code is not available, then look at HTTP trace taken from a browser or fiddler.

    Microsoft Proprietary and Confidential Information 1


    B2C + 1 Refresher Features

    GET
    https://graph.windows.net/contosob2c.onmicrosoft.com/reports/tenantUserCount?api-
    version=beta

    Note: Subsequently, the POD Azure Developer engineer moves the case to the “DS Azure
    ADSI” team.

    Microsoft Proprietary and Confidential Information 2


    B2C + 1 Refresher Features

    Skip Email Verification


    Note: No developer troubleshooting scenarios. This is a change to the Policies on the Azure
    AD B2C. So, if it fails or doesn’t work, Azure Identity team will need to troubleshoot.

    POD Azure Developer Training


    Scenario 1
    Customer reports she doesn’t see her application asking for email verification code anymore in the Sign-
    up or combined Sign-up/Sign-In experience.

    a. First thing Dev engineer needs to do is find the tenant being used either by asking the customer
    or looking at the below configuration file of the actual application. The B2C tenant will have a
    name like “xyz.onmicrosoft.com” in the web.config of the application code. Also, make a note of
    the “SignUpPolicyId” value.
    Image 1

    b. Request customer to log-in to Azure Ibiza portal http://portal.azure.com , ask him to change the
    scope to that Azure AD Tenant.

    Microsoft Proprietary and Confidential Information 3


    B2C + 1 Refresher Features

    Image 2

    c. Once the context of the portal is switched to the concerned Tenant, navigate to the actual Azure
    AD B2C tenant. On the left-hand pane select “More Services” > Search for “Azure AD B2C”.

    Microsoft Proprietary and Confidential Information 4


    B2C + 1 Refresher Features

    Image 3

    d. Check the “Sign-up policies” & “Sign-up or sign-in policies”


    Image 4

    Microsoft Proprietary and Confidential Information 5


    B2C + 1 Refresher Features

    Below are the steps to traverse the “Sign-up policies” but the steps remain the same for “Sign-up or sign-
    in policies”. Select the policy name that we had seen in the web.config file (refer Image-1) for the
    application and follow the order of clicks as shown.
    Image 5

    Image 6

    e. Clicking the “Local account sign-up page”, opens the below customization page.

    Microsoft Proprietary and Confidential Information 6


    B2C + 1 Refresher Features

    So, the “Require verification” is set to NO, that’s the reason the application doesn’t require email
    verification.

    If they want to get verification code they would have to flip it back to Yes.

    Scenario 2
    Customer reports that he enabled “Skip Email Verification” for one application but it seems other
    applications got affected as well OR If I change the “SiUp” policy of one application it is changing the
    “SiUp” policy of other applications in the same tenant.

    a. Change the “SiUp” policy for application “My AAD B2C”

    Microsoft Proprietary and Confidential Information 7


    B2C + 1 Refresher Features

    b. The Policy updates successfully. Ibiza give a success notification.

    c. Check the policy setting for application “b2ctestapp”, which I didn’t change. But this also will get
    changed.

    Microsoft Proprietary and Confidential Information 8


    B2C + 1 Refresher Features

    Note:
    The reason is that a single Policy can be shared by multiple applications.
    While the UI on the Portal might seeming suggest the Policies and Applications are linked, the
    Policies are global for the Tenant. The above behavior is intended as per design.
    Customer will need to create a separate “Sign Up” policy and use that in the applications they
    want a different behavior.
    We allow customers who might want an email verification for application 1 but not for
    application 2, both applications residing in the same tenant.

    Microsoft Proprietary and Confidential Information 9


    B2C + 1 Refresher Features

    Resources
    Resource Lookup Note:
     Usage reporting API: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-
    directory-b2c-reference-usage-reporting-api
     Skip email verification: https://docs.microsoft.com/en-us/azure/active-directory-
    b2c/active-directory-b2c-reference-disable-ev

    Microsoft Proprietary and Confidential Information 10

    You might also like