As it's possible in the standard AD by changing the API application manifest option "groupMembershipClaims" to "SecurityGroup", is it possible to return user membership group in the claims with AD B2C?
Now, we can have only the default and custom attributes by adding a signin policy, but it's impossible to get user membership groups.
1,719 votes
Thank you for your feedback, and this can be done using Custom Policy. Check out our Azure AD samples at GitHub and after some customization to it we can achieve the ask: https://github.com/azure-ad-b2c/samples/tree/master/policies/relying-party-rbac
Unlike Azure AD, B2C does not allow you to set a password expiration policy. Please allow similar capability in B2C to set both a password expiry as well as the length prior to a notice being sent to the user before their password expires.
43 votes
Per NIST requirements, this is not something that actually helps in improving security. We will instead invest in features such as banning common passwords and setting custom password complexities.
However, if this is core to your success, we have a sample of how to accomplish this here: https://github.com/azure-ad-b2c/samples/tree/master/policies/force-password-reset-after-90-days
You have B2C integration for cloud applications but there is no integration of B2C with Office 365 licenses. That makes no sense. Office 365 is a cloud application and so should therefore be able to be assigned licenses from a corporation to their B2C users.
38 votes
This is not a scenario we intend to support with B2C. Take a look at the B2B feature with Azure AD.
I would like to be able to add roles that are specific to an application. If you're using Azure AD B2C with multiple applications, you will certainly have different roles, used for Authorization, in the different apps.
Moreover, a user with a role, say administrator, in one application might not be an administrator of another application. This scenario could be supported by adding application roles.
37 votes
Azure AD B2C supports custom claims, which can be used to add app-based roles.
Similarly to the AD password reset, provide the option to show a password strength meter for local account sign-up and password reset.
24 votes
Using AADB2C we have a use case where we would want only users from partner organisations (we have over 200 partners) to create identities in the Azure ADB2C directory, it would be great to allow only signups for users with verified email in specific domains.
21 votes
This is not on the roadmap for now, however, you could use custom policies to make this possible (by calling out to a REST API to validate the email addresses). See the document below:
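The REST API check mentioned in the response above, sketched as an added example (not part of the response and not Microsoft's sample code). It shows the allowlist decision such an endpoint would make and the HTTP 409 body (`version`, `status`, `userMessage`) that a B2C custom policy treats as a validation error; the `email` claim name, the allowlist entries and the function names are assumptions.

```python
import json

# Constructed allowlist for illustration; load the real partner list from configuration.
ALLOWED_DOMAINS = frozenset({"contoso.com", "fabrikam.co.uk"})


def email_domain(email):
    """Return the lowercased domain of a simple address, or None if malformed."""
    if not isinstance(email, str) or email.count("@") != 1:
        return None
    local, domain = email.split("@")
    if not local or not domain or not email.isascii():
        return None  # non-ASCII is rejected so look-alike characters cannot match
    if any(c.isspace() or not c.isprintable() for c in email):
        return None
    return domain.lower()


def conflict(message):
    """Build the HTTP 409 response that B2C shows to the user as a validation error."""
    return 409, {"version": "1.0.0", "status": 409, "userMessage": message}


def validate_signup(raw_body):
    """Decide on one REST call from the policy; returns (http_status, json_body)."""
    try:
        claims = json.loads(raw_body)
    except (ValueError, TypeError):
        return conflict("Sign-up request could not be processed.")  # fail closed
    if not isinstance(claims, dict):
        return conflict("Sign-up request could not be processed.")
    domain = email_domain(claims.get("email"))  # "email" claim name is an assumption
    # Exact match only: a suffix or substring test would also accept
    # "contoso.com.example.net" or "notcontoso.com".
    if domain not in ALLOWED_DOMAINS:
        return conflict("Sign-up is limited to approved partner email domains.")
    return 200, {}


if __name__ == "__main__":
    # Constructed request bodies.
    for body in (b'{"email": "Ana@Contoso.com"}',
                 b'{"email": "x@contoso.com.example.net"}'):
        print(body, "->", validate_signup(body))
```

This checks the domain only; confirming that the user controls the mailbox remains the job of the sign-up flow's email verification step.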
I am interested in using B2C and B2B authentication use cases to access SharePoint 2013. Please provide functionality and instruction.
11 votes
Thank you for the feedback. B2C is not evaluating auth into SharePoint. /Jose Rojas
We have a need to use nested groups in AD B2C to simplify our group membership assignment and it is currently not available for AD B2C (it is for normal AD). Please consider adding this feature.
4 votes
Thank you for your feedback. After reviewing it carefully, we won’t be able to move forward with this request. This is not something we have plans to do.