MIMUSH-MSFTE

Reputation: 137

Azure AD B2C - Is there a way to configure a single email address instead of multiple email addresses

We are trying to use Azure AD B2C using the Application claims. In the application claims we find the email address claim type as Emails and with value 'String Array'. We need to configure a single email address instead of multiple email addresses, having the claim type as string and the claim as email instead of the extended_email claim type.

Does there exist a way to configure this type of claim?

Upvotes: 1

Views: 814

Answers (1)

Omer Iqbal

Reputation: 2293

This is currently not possible in B2C with standard policies. There are multiple email addresses on the user object, and if they all have values, they can all be sent in the token. Hence, the emails claim is an array.

In the future, this may be solved by emitting a claim that represents the email address or username the user used to sign in as the preferred_username claim. However, there is no timeline for that yet.

On the other hand, if you are using custom policies, then you can certainly add a specific email address in the token. All you need to do is find the claim that holds the value you are seeking (e.g. signInNames.emailAddress) and put it as an OutputClaim of the TechnicalProfile in the RelyingParty section. You can provide a PartnerClaimType, which will be the claim type used in the token.

Upvotes: 1
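A sketch of the custom-policy approach described in the answer above, added here as an illustration and not taken from the answer's author or from Microsoft's policy files. The journey id `SignUpOrSignIn`, the profile id `PolicyProfile`, the `objectId`-to-`sub` mapping and the token claim name `email` are assumptions; only `signInNames.emailAddress`, `OutputClaim`, `TechnicalProfile`, `RelyingParty` and `PartnerClaimType` come from the answer.

```xml
<!-- Added example: RelyingParty section of a B2C custom policy file.
     Ids and the surrounding claims are assumed for illustration. -->
<RelyingParty>
  <!-- Assumed journey id; use the journey your policy actually defines. -->
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <!-- Assumed: the directory object id issued as the token subject. -->
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" />
      <!-- The point of the answer: take the single sign-in email held in
           signInNames.emailAddress and issue it under the token claim
           name given by PartnerClaimType (here "email", a string). -->
      <OutputClaim ClaimTypeReferenceId="signInNames.emailAddress"
                   PartnerClaimType="email" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="sub" />
  </TechnicalProfile>
</RelyingParty>
```

The claim is only issued if an earlier step of the user journey has placed a value in `signInNames.emailAddress`; a relying application should still treat a missing `email` claim as a valid case, for example for accounts that did not sign in with a local email address.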
