mattmazzola

My feedback

  1. 529 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      113 comments  ·  Azure portal » Search + navigation  ·  Flag idea as inappropriate…  ·  Admin →
      mattmazzola commented  · 

      Is the new directory picker suppose to show when I click my username? I don't see it either.

      It seems like the admin post above was incomplete. It says "...with ." With what?

      mattmazzola supported this idea  · 
    • 2,155 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        67 comments  ·  Storage » Blobs  ·  Flag idea as inappropriate…  ·  Admin →

        Thank you for your feedback. We are currently in public preview of static website hosting for Azure Storage to enable this scenario. Check out the blog post here for more details: https://azure.microsoft.com/en-us/blog/azure-storage-static-web-hosting-public-preview. The feature set includes support for default documents and custom error documents for HTTP status code 404.

        For any further questions, or to discuss your specific scenario, send us an email at azurestoragefeedback@microsoft.com.

        mattmazzola commented  · 

        Also interested in the feature. Please send update on progress as soon as possible.

        Is there a recommended work-around to at least appease us until the feature is implemented?

      • 14 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          2 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →
          mattmazzola commented  · 

          I previously had my application directly connected to Facebook. With this setup I was able to get all the information about the user: gender, profile picture, link to profile, locale, etc. I like this because I can directly re-use this information in my app and my users don't need to go through yet another sign-up process to re-enter the same information which is too high barrier to entry and might make them leave.

          However, I wanted to use facebook tokens to call my web api but from my understanding this is not possible to do safely. It seems Facebook doesn't return JWT's. Their tokens are essentially opaque except for the special /debug endpoint but that can't be used for validation since it requires admin access token to request. From my understanding this means facebook tokens can only be validated by facebook not on my web api. This made me look to B2C as a solution to give me Facebook login but a predictable way to validate tokens issued by AAD.

          This worked very well, but now I only get the email and name of the user and lost the ability to show their nice picture which they would mentally associate with their profile.

          There was similar question in the FAQs about this:
          "Can I configure scopes to gather more information about consumers from various social identity providers?

          No, but this feature is on our roadmap. The default scopes used for our supported set of social identity providers are:"
          https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-faqs

          I originally though exposing more claims might be difficult since you would likely want to standardize across all Identity providers, but then I thought there could be alternative solution of exposing the token the identity provider returned as another query parameter in the authentication response. Today we get access_token, id_token, and maybe we could get idp_token or original_token. I could then use this facebook token to manually request the users photo or whatever I wanted. This way it's up to the developer to diverge and do the custom logic but they get the best of both worlds. They get the awesome management and normalization B2C provides but they also have the ability to go get data directly from the identity provider if they choose to.

          mattmazzola supported this idea  · 
        • 621 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            45 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →

            We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.

            That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.

            Apologies for the delay.

            /Parakh


            Old message:
            We’re doing some research both on the specifics of this ask as well as what it would take to support this.
            Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?

            mattmazzola supported this idea  · 

          Feedback and Knowledge Base