this feature is in public preview now. https://docs.microsoft.com/en-us/graph/api/resources/trustframeworkpolicy?view=graph-rest-beta.
We are working on managing policy keys programmatically.
Hello - any updates?
This should request should encompass the full set of operations to manage B2C that are available in the Azure Portal.
-Upload policies (builtin and custom policies)
We are working on a way to allow you to call the Graph API to change the email address and MFA. We should have an update by Dec 2018.
Just to provide an update, we are close to launching a private preview. We are in the final testing stages for this feature. We will have another update in the next few weeks with instructions on how to join the private preview.
Announcement and Instructions link here:
After reading some posts, it doesn't seem like ROPC is a good idea...
I would imagine headless authentication could be resolved using Client Credential flow, no?
There is a current configuration to allow users to choose to remember a device for MFA: https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-whats-next#remember-multi-factor-authentication-for-trusted-devices
Additionally, we’re looking at providing more controls for this through conditional access.
Yes, this is just terrible UX, if I may be so blunt.
I'm filling out my password and it starts to complain and I haven't even finished yet. That makes no sense at all. What am I missing here????
We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.
That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.
Apologies for the delay.
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?
@Mark - that's a great question. I would recommend a stack overflow question with the 'azure-ad-b2c' tag.
"Is the ask here to do the same thing that regular Azure AD does?" same* ask for us
*Group names not guids please.
We have a sample for this use case here: https://github.com/azure-ad-b2c/samples/tree/master/policies/invite
Let us know what you think and if this fits your use case.
Hello B2C Team - it has been a year since your last comment, any updates?
Twitter is now in public preview! It should be available as one of the identity providers in your Azure AD B2C tenant. Here are the instructions to get setup – https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-twitter-app.
Check it out and let us know if you have any feedback!
We are looking to add additional MFA options for Azure AD B2C in the next few months. As part of the investigation, we want to learn more about your requirements. Email your feedback to email@example.com.
When you say “support for Microsoft Authenticator”, which feature are you referring to?
1. The ability to see the codes in the authenticator app
2. The ability to receive push notifications for MFA
If both, which do you prefer more?
Again, please email your feedback to firstname.lastname@example.org. Feel free to include more details about your scenarios/requirements!
We are interested in enabling this scenario and are looking for more data.
- Would you want to be able to use this in conjunction with email or would you only be interested in one way to sign up accounts at a time?
- Would you like to be able to create the account without needing an email at all?
We have restarted work on this feature. However, we don’t have a date for public preview yet.