Skip to content

Latest commit

 

History

History
22 lines (13 loc) · 1.63 KB

File metadata and controls

22 lines (13 loc) · 1.63 KB

Azure AD B2C: Sign-up with a allow-listed domain list

Live demo

To test the policy, follow these steps:

  1. Run the B2C_1A_Demo_SignUpSignIn_DomainAllowlist policy.
  2. Select the Sign-up now link.
  3. In the email field type any email address except @outlook.com, @live.com, or @gmail. For example type david@fabrikam.com, or emily@contoso.com. Then select Send verification code. You should get the following error message: Please enter a email address from one of the following domains: outlook.com, live.com, or gmail.com..
  4. Change the email address to one of the allowed domains @outlook.com or @outlook.com, @live.com, or @gmail. This time you will be able to send the verification code.

How it works

The email claim is configured with a regular expression restriction. The error message is configure in the localization part of the policy.

Scenario

This policy demonstrates how to validate the email address domain name against a list of allowed domains.

Screenshot shows the allowed domain list

Note: This sample policy is based on SocialAndLocalAccounts starter pack. All changes are marked with Demo: comment inside the policy XML files. Make the necessary changes in the Demo action required sections.