William Noel

My feedback

  1. 102 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    17 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    William Noel commented  · 

    Evidently there are no third party packages, so this could be the only way. Don't care for firebase, love azure.

    William Noel supported this idea  · 
  2. 289 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    48 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →

    We have started the planning for this feature and hope to have a preview by the end of the calendar year. In the meantime, could you respond to aadb2cpreview@microsoft.com with the answers to the following questions:
    - In which scenarios do you plan to force the user to change his/her password?
    - What kind of information (if any) would you like to get back if the user goes through the reset flow?
    - Do you currently or plan to track which users have reset their password?

    An error occurred while saving the comment
    William Noel commented  · 

    We were hoping the onboarding process would consist of us registering their name and their email address and then force a password change at the next login. This would simplify the process for one user "inviting" another user to join. User A invites User B from User A's contact list. User B gets an email to signin (instead of signup) and at that point becomes a new user. We'd need the newUser claim, subject, object, email and display name. Initial password changes would not be tracked, subsequent changes maybe, but not if B2C would do it for us.

    An error occurred while saving the comment
    William Noel commented  · 

    Yes!

    This really open up the onboarding options for us.

    William Noel supported this idea  · 
  3. 81 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    William Noel commented  · 

    This is a great leap forward for us. Thanks!

    Graph is OK, I've already set up other graph access, but not having to do all of this by hand would be great.

    An error occurred while saving the comment
    William Noel commented  · 

    This actually cuts right to the heart of a huge support issue. We are developing a financial app. That means that when a customer forgets their email (or loses it because they lose their job, etc.) they are completely blocked out of their account. That's a show stopper.

    At the very least, do what Google does and allow us to collect multiple alternate emails which can be verified as part of the signup process. Then recovery emails can be sent to multiple emails and any one can recover the account.

    I don't sign up for any service today where I don't specify multiple recovery emails. And it's saved my butt plenty of times.

    Please implement this. Thanks.

    William Noel supported this idea  · 
  4. 8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    William Noel supported this idea  · 
  5. 8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →

    The signup/singin policy does not automatically redirect to password update by design.
    See https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-web-dotnet-susi#send-authentication-requests-to-azure-ad

    I’m leaving this item open though, to capture the ask to streamline this experience so as not to require the application to do this detection of the error code and subsequent redirection to the password reset policy.

    William Noel supported this idea  · 
    An error occurred while saving the comment
    William Noel commented  · 

    This sounds great, but if you're using Azure Mobile Apps with B2C it doesn't work. You don't have the option to capture the error code. That means on a mobile device - using 'client.LoginAsync(...)' - when you select 'forgot password' the user sees the 'Unauthorized' response page. It works on sign-in, but when you pass 'login_hint' to a sign-in policy, the company branding quits.

  6. 29 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    William Noel supported this idea  · 
  7. 138 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    24 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    William Noel supported this idea  · 
  8. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    William Noel commented  · 

    you can do this by calling the Graph API (I know, a pain) but it works.

  9. 6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
    William Noel supported this idea  · 
  10. 162 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Azure Functions  ·  Flag idea as inappropriate…  ·  Admin →

    I’ve gotten a few questions about this item recently, so I just wanted to give a more detailed status. We still have this on the backlog; it hasn’t been forgotten. But we don’t have a clear timeline for when we would get to it right now. The “unplanned” status just means that it can’t be tied to a timeline, but we do think this is a valid request that we would like to have in the product.
    - Matthew

    An error occurred while saving the comment
    William Noel commented  · 

    I'm using B2C to front end my Azure Mobile App from which I issue my own tokens. I have to add claims and other handle refresh directly.

    I have no intention of ever having an identity store and the liability that goes with it.

    I would like to be able to add Functions over time, but need to be certain that all endpoints are secure. Haven't looked at AF just yet, but seems almost certain it will be useful.

Feedback and Knowledge Base