With the Identity Experience Framework, which underlies Azure Active Directory B2C (Azure AD B2C), you can integrate with a RESTful API in a user journey. This sample .NET Core web API demonstrates the use of a RESTful technical profile both in a user journey orchestration step and as a validation technical profile.
In step number 7 of the SignUpOrSignIn user journey, Azure AD B2C makes a call to the REST-GetLoyaltyNumber technical profile. This technical profile returns a random loyalty number. The SignUpOrSignIn relying party policy returns the loyaltyNumber claim to the relying party application.
The REST-GetLoyaltyNumber technical profile sends the user's UI language. The loyalty number includes the language ID and a random value, for example:
{
"loyaltyNumber": "1033-1282",
"email": "someone@contoso.com"
}
The LocalAccountSignUpWithLogonEmail technical profile is configured to add the REST-ValidateEmail validation technical profile (before AAD-UserWriteUsingLogonEmail). Make sure to keep this order, because you want to first validate the user input and then create the account in the directory.
The validation technical profile simply checks whether the email address provided by the user starts with 'test'. If it does, the REST API returns an error, preventing the user from creating the account. Otherwise the REST API returns the email in lower case and the loyalty number.
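The validation logic described above, as an added Python sketch that is not the sample's own code. The input claim names `email` and `language`, the case-insensitive comparison, and the 409 error body (the `version`/`status`/`userMessage` shape that Azure AD B2C documents for RESTful technical profiles) are assumptions; the sample requests are constructed.

```python
import json
import secrets

BLOCKED_PREFIX = "test"  # rule described on the page


def conflict(message):
    """409 body in the error shape B2C displays to the user (assumed values)."""
    return 409, {"version": "1.0.0", "status": 409, "userMessage": message}


def loyalty_number(language_id):
    """Return '<language id>-<4 random digits>', e.g. '1033-1282'."""
    return f"{language_id}-{secrets.randbelow(9000) + 1000}"


def validate_email(raw_body):
    """Handle one call from the validation technical profile.

    Returns (http_status, response_dict) and never raises on hostile input.
    """
    try:
        claims = json.loads(raw_body)
    except (TypeError, ValueError):
        return conflict("Request body is not valid JSON.")
    if not isinstance(claims, dict):
        return conflict("Request body must be a JSON object.")

    email = claims.get("email")
    language = claims.get("language", "1033")  # assumed default language id
    if not isinstance(email, str) or "@" not in email.strip():
        return conflict("Email address is missing or malformed.")
    if not (isinstance(language, str) and language.isascii()
            and language.isdigit() and len(language) <= 5):
        return conflict("Language id is malformed.")

    email = email.strip().lower()
    # Compare after lower-casing so 'Test@...' cannot slip past the rule.
    if email.startswith(BLOCKED_PREFIX):
        return conflict("Email addresses starting with 'test' are not allowed.")
    return 200, {"email": email, "loyaltyNumber": loyalty_number(language)}


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    for body in ('{"email": "Someone@Contoso.com", "language": "1033"}',
                 '{"email": "TEST1@contoso.com", "language": "1033"}',
                 "not json"):
        print(validate_email(body))
```

Because the account is written only after this check succeeds, every rejection path returns the error shape rather than raising, so a malformed request cannot fall through to account creation.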
- From the Azure portal, select Azure AD B2C Settings, and then select Identity Experience Framework.
- Open B2C_1A_REST_signup_signin, the relying party (RP) custom policy that you uploaded, and then select Run now.
- Sign in with any account.
- Check that the returned JWT token contains the loyaltyNumber claim.
- Run the policy again, this time clicking the "Don't have an account? Sign up now" link.
- In the email address, type any email that starts with 'test'. Note: the email verification is disabled, so you can type any email address. Azure AD B2C will not validate the email address, unless you remove the EnforceEmailVerification metadata from the LocalAccountSignUpWithLogonEmail technical profile.
Links to custom REST API source code for the following platforms:
- Azure Function - C#
- .NET Core
- Node.js
- Java
- Python (on Linux)
The sample is developed and managed by the open-source community on GitHub. The application is not part of the Azure AD B2C product and it's not supported under any Microsoft standard support program or service. The sample (Azure AD B2C policy and any companion code) is provided AS IS without warranty of any kind.
Note: This sample policy is based on the SocialAndLocalAccounts starter pack. All changes are marked with a Demo: comment inside the policy XML files. Make the necessary changes in the Demo action required sections.