
The scenario is that we want to create a database registry with customer data at the same time that the user's AD B2C account is created, because of business requirements.

Right now, our application receives input from the user (name, phone, etc.), saves it into the browser local storage, enters the B2C signup process, and after returning to the application, it then writes to the database. This, of course, is not very desirable and prone to errors and confusion.

We want to make that database write as a Validation Technical Profile of the B2C signup process, and only create the B2C account if the database write is successful.

I have no problems making the actual REST call, but what is not clear to me is how to get the data from the web application for use in my technical profile.

I was hoping to get some guidance because the B2C documentation is not very clear, and pretty overwhelming.

So far this is the closest to what I need that I've found in the samples: https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/master/scenarios/aadb2c-ief-rest-api-netfw-secure-basic

EDIT: for clarification, during our signup process, we collect some data BEFORE entering the B2C signup page, and this is the data that we need to send to the REST call.

EDIT2: I think this question is more related to what I'm trying to achieve, though it's still not clear to me how they're feeding the InputClaim value on the RelyingParty.

  • “how to get the data from the web application for use in my technical profile.” - what data? Isn’t the user entering their data into the B2C sign up page? – Jas Suri - MSFT Oct 26 '20 at 08:42
  • @JasSuri-MSFT We collect other information from the user outside the B2C pages, and we need to get that data inside those flows. – Luis Octavio Lomeli Navarrete Oct 26 '20 at 17:04
  • I think this question is more in line with what I need, though I still don't understand how they're feeding the InputClaim "extension_VerifiedEmail" into the RelyingParty https://stackoverflow.com/questions/46380468/azure-ad-b2c-pre-populate-a-custom-attribute-in-the-signup-policy – Luis Octavio Lomeli Navarrete Oct 26 '20 at 17:19
  • @LuisOctavioLomeliNavarrete The answer provided by Yoel would be the ideal way to store and read the user profile in a remote database by calling the REST API to persist the user profile. The above comment inputClaim "extension_verfiedEmail" is passed as a `login_hint` [query parameter](https://learn.microsoft.com/en-us/azure/active-directory-b2c/direct-signin#prepopulate-the-sign-in-name) in the authorization request – Raghavendra beldona Nov 10 '20 at 17:39
  • What I ended up doing was sending the user data packed as claims on a JWT with the id_token_hint parameter, using a technical profile to unpack the claims and passing them as InputClaims on the RelyingParty. I used the invite sample to start off, from here: https://github.com/azure-ad-b2c/samples/tree/master/policies/invite I had forgotten about this, I'll write a proper answer when I get off from work. – Luis Octavio Lomeli Navarrete Nov 10 '20 at 19:19
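
The approach described in the last comment above (user data packed as claims in a signed JWT and sent with the `id_token_hint` parameter), sketched as an added example that is not from the thread or the linked sample. It assumes an HS256 key shared between the web application and the policy; the key, issuer, audience, tenant and policy names are constructed placeholders, and `verify_hint` only illustrates the checks a receiver should make before trusting the claims.

```python
import base64, hashlib, hmac, json
from urllib.parse import urlencode

# Constructed placeholders (assumptions, not values from the post).
SIGNING_KEY = b"constructed-demo-key-keep-real-one-in-a-vault"
ISSUER = "https://app.example.com"                   # must match what the policy expects
AUDIENCE = "00000000-0000-0000-0000-000000000000"    # must match what the policy expects
AUTHORIZE = ("https://contoso.b2clogin.com/contoso.onmicrosoft.com/"
             "B2C_1A_SIGNUP_PLACEHOLDER/oauth2/v2.0/authorize")

def _enc(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _dec(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> bytes:
    return hmac.new(SIGNING_KEY, signing_input.encode(), hashlib.sha256).digest()

def make_hint(profile: dict, now: int, ttl: int = 300) -> str:
    """Pack pre-collected user data into a short-lived HS256 JWT."""
    # Reserved claims go last so user-supplied keys cannot override them.
    claims = {**profile, "iss": ISSUER, "aud": AUDIENCE, "nbf": now, "exp": now + ttl}
    parts = [{"alg": "HS256", "typ": "JWT"}, claims]
    signing_input = ".".join(_enc(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    return signing_input + "." + _enc(_sign(signing_input))

def verify_hint(token: str, now: int) -> dict:
    """Checks a receiver makes before trusting the claims; raises ValueError."""
    head, body, sig = token.split(".")           # wrong part count -> ValueError
    header, claims = json.loads(_dec(head)), json.loads(_dec(body))
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")       # never let the token pick the algorithm
    if not hmac.compare_digest(_dec(sig), _sign(head + "." + body)):
        raise ValueError("bad signature")
    if claims.get("iss") != ISSUER or claims.get("aud") != AUDIENCE:
        raise ValueError("wrong issuer or audience")
    if not claims.get("nbf", now + 1) <= now < claims.get("exp", 0):
        raise ValueError("outside validity window")
    return claims

def signup_url(token: str, client_id: str, redirect_uri: str, nonce: str) -> str:
    """Authorization request carrying the signed data as id_token_hint."""
    return AUTHORIZE + "?" + urlencode({
        "client_id": client_id, "response_type": "id_token", "scope": "openid",
        "redirect_uri": redirect_uri, "nonce": nonce, "id_token_hint": token})
```

The token is signed, not encrypted, and travels in the URL, so anything placed in `profile` is readable by whoever sees the request.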

1 Answer


Please check out the remote profile solution.

Yoel Hor