How to auto redirect to Auth0 IDP from Azure AD B2C custom policies based on a certain condition

We have added Auth0 as an IDP in Azure AD B2C using custom policies. We want to redirect to Auth0 based on a condition instead of the user pressing a button on the UI.

Below is UserJourney in Azure AD B2C custom policies:

    <UserJourneys>
        <UserJourney Id="Internal" DefaultCpimIssuerTechnicalProfileReferenceId="JwtIssuer">
            <OrchestrationSteps>
                <OrchestrationStep Order="1" Type="ClaimsExchange">
                    <ClaimsExchanges>
                        <ClaimsExchange Id="pre-hrd" TechnicalProfileReferenceId="SelfAsserted-EmailOrUsernameCollect" />
                    </ClaimsExchanges>
                </OrchestrationStep>
                <OrchestrationStep Order="2" Type="ClaimsExchange">
                    <Preconditions>
                        <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
                            <Value>objectIdFromSession</Value>
                            <Action>SkipThisOrchestrationStep</Action>
                        </Precondition>
                    </Preconditions>
                    <ClaimsExchanges>
                        <ClaimsExchange Id="HRD" TechnicalProfileReferenceId="HRD_Api" />
                    </ClaimsExchanges>
                </OrchestrationStep>
                <OrchestrationStep Order="3" Type="ClaimsExchange">
                    <Preconditions>
                        <Precondition Type="ClaimsExist" ExecuteActionsIf="false">
                            <Value>objectIdFromSession</Value>
                            <Action>SkipThisOrchestrationStep</Action>
                        </Precondition>
                    </Preconditions>
                    <ClaimsExchanges>
                        <ClaimsExchange Id="SSO_HRD" TechnicalProfileReferenceId="HRD_Api_SSO" />
                    </ClaimsExchanges>
                </OrchestrationStep>
    
                <OrchestrationStep Order="4" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
                    <Preconditions>
                        <Precondition Type="ClaimEquals" ExecuteActionsIf="false">
                            <Value>idp</Value>
                            <Value>none</Value>
                            <Action>SkipThisOrchestrationStep</Action>
                        </Precondition>
                        <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
                            <Value>connection</Value>
                            <Value>B2CLocalUser</Value>
                            <Action>SkipThisOrchestrationStep</Action>
                        </Precondition>
                    </Preconditions>
                    <ClaimsProviderSelections>                              
                        <ClaimsProviderSelection TargetClaimsExchangeId="Auth0Login" />             
                    </ClaimsProviderSelections>                     
                </OrchestrationStep>
    
                <OrchestrationStep Order="5" Type="ClaimsExchange">
                    <Preconditions>
                        <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
                            <Value>connection</Value>
                            <Value>B2CLocalUser</Value>
                            <Action>SkipThisOrchestrationStep</Action>
                        </Precondition>                      
                    </Preconditions>
                    <ClaimsExchanges>                                        
                        <ClaimsExchange Id="Auth0Login" TechnicalProfileReferenceId="Auth0-OID" />           
                    </ClaimsExchanges>
                </OrchestrationStep>
    
             
                <!--<OrchestrationStep Order="6" Type="ClaimsExchange">
                    <Preconditions>
                        <Precondition Type="ClaimEquals" ExecuteActionsIf="false">
                            <Value>idp</Value>
                            <Value>none</Value>
                            <Action>SkipThisOrchestrationStep</Action>
                        </Precondition>              
                    </Preconditions>
                    <ClaimsExchanges>
                        <ClaimsExchange Id="SignUpWithLogonEmailExchange" TechnicalProfileReferenceId="LocalAccountSignUpWithLogonEmail" />
                    </ClaimsExchanges>
                </OrchestrationStep>-->
    
                <OrchestrationStep Order="6" Type="ClaimsExchange">
                    <Preconditions>
                        <Precondition Type="ClaimEquals" ExecuteActionsIf="false">
                            <Value>idp</Value>
                            <Value>costcoaad</Value>
                            <Action>SkipThisOrchestrationStep</Action>
                        </Precondition>
                        <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
                            <Value>objectId</Value>
                            <Action>SkipThisOrchestrationStep</Action>
                        </Precondition>
                    </Preconditions>
                    <ClaimsExchanges>
                        <ClaimsExchange Id="HintedAzureADExchange" TechnicalProfileReferenceId="Client-AAD" />
                    </ClaimsExchanges>
                </OrchestrationStep>

                <!-- ... further steps ... -->
            </OrchestrationSteps>
        </UserJourney>
    </UserJourneys>

This journey shows the button on the UI for Auth0 as shown below, but we want to redirect to Auth0 when the "idp" value is "none" and "connection" is not "B2CLocalUser" on step 4.

Instead of showing the button, we want to redirect automatically to Auth0 IDP login.


How can we do this? I tried to put some conditions but it did not work.

Appreciate any help.

Thanks.

Update: I was able to redirect to Auth0 without user interaction. I put step 4 as below and it redirects me to Auth0 based on the condition.

    <OrchestrationStep Order="4" Type="ClaimsExchange">
        <Preconditions>
            <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
                <Value>connection</Value>
                <Value>B2CLocalUser</Value>
                <Action>SkipThisOrchestrationStep</Action>
            </Precondition>
            <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
                <Value>objectId</Value>
                <Action>SkipThisOrchestrationStep</Action>
            </Precondition>
        </Preconditions>
        <ClaimsExchanges>
            <ClaimsExchange Id="Auth0Login" TechnicalProfileReferenceId="Auth0-OID" />
        </ClaimsExchanges>
    </OrchestrationStep>

Best answer

I was able to redirect to Auth0 without user interaction. I put step 4 as below and it redirects me to Auth0 based on the condition.

    <OrchestrationStep Order="4" Type="ClaimsExchange">
        <Preconditions>
            <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
                <Value>connection</Value>
                <Value>B2CLocalUser</Value>
                <Action>SkipThisOrchestrationStep</Action>
            </Precondition>
            <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
                <Value>objectId</Value>
                <Action>SkipThisOrchestrationStep</Action>
            </Precondition>
        </Preconditions>
        <ClaimsExchanges>
            <ClaimsExchange Id="Auth0Login" TechnicalProfileReferenceId="Auth0-OID" />
        </ClaimsExchanges>
    </OrchestrationStep>
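
To check which sessions the step 4 in the answer above sends to Auth0, the following added example (not part of the original post, and not Microsoft's implementation) evaluates its preconditions against sample claim bags. The function names, the `auth0-db` connection value and the claim bags are constructed for illustration, and treating a missing claim as "not equal" in `ClaimEquals` is an assumption.

```python
import xml.etree.ElementTree as ET
# Step 4 exactly as posted in the answer above.
STEP4_XML = """
<OrchestrationStep Order="4" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
      <Value>connection</Value>
      <Value>B2CLocalUser</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
    <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
      <Value>objectId</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="Auth0Login" TechnicalProfileReferenceId="Auth0-OID" />
  </ClaimsExchanges>
</OrchestrationStep>
"""

def precondition_fires(pre, claims):
    """True when this Precondition's Action (skip the step) would run."""
    values = [v.text for v in pre.findall("Value")]
    if pre.get("Type") == "ClaimsExist":
        test = values[0] in claims
    elif pre.get("Type") == "ClaimEquals":
        # Assumption: a missing claim compares as "not equal".
        test = claims.get(values[0]) == values[1]
    else:
        raise ValueError("unsupported Precondition Type: %r" % pre.get("Type"))
    return test == (pre.get("ExecuteActionsIf") == "true")

def exchanges_run(step_xml, claims):
    """Return the ClaimsExchange Ids the step runs, or [] if it is skipped."""
    step = ET.fromstring(step_xml)
    pres = step.findall("Preconditions/Precondition")
    if any(precondition_fires(p, claims) for p in pres):
        return []
    return [ce.get("Id") for ce in step.findall("ClaimsExchanges/ClaimsExchange")]

# Constructed claim bags, not taken from a real session.
CASES = {
    "federated, first visit": {"idp": "none", "connection": "auth0-db"},
    "local account": {"idp": "none", "connection": "B2CLocalUser"},
    "already resolved": {"connection": "auth0-db", "objectId": "0000"},
}
if __name__ == "__main__":
    for name, bag in CASES.items():
        print(name, "->", exchanges_run(STEP4_XML, bag) or "skipped")
```

The step as posted does not test the `idp` claim, so a session with no `connection` claim at all is also redirected; enforcing the question's `idp` = `none` condition would need its own `Precondition`.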