本文介绍了返回有关自定义政策的电子邮件的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时删除!!

我正在使用自定义策略,我发现内置策略中存在电子邮件"字段,但自定义策略中不存在该字段.而是有一个名为otherMails的声明.

I'm using custom policies and I saw that the field "emails" that exists in built-in policies but doesn't exist in custom policies. There is a claim named otherMails instead.

  • 我想用自己的令牌返回一个emails声明,并带有用户电子邮件列表.
  • 我希望对我的注册/登录和密码重置政策提出要求.
  • I want to return an emails claim in my tokens with a list of user emails.
  • I want that claim on my signup/sign-in and password reset policies.

我正在使用入门包中的自定义策略.但是我不知道应该更改哪个TechnicalProfiles.我尝试了几件事,但是没有用.

I'm using the custom policies in the starter pack. But I don't know which TechnicalProfiles should I change. I tried a few things but it doesn't work.

提前谢谢!

推荐答案

编写本地帐户时:必须使用"CreateOtherMailsFromEmail"声明转换从"email"声明中创建"otherMails"声明,然后保留"otherMails" "在"AAD-UserWriteUsingLogonEmail"技术资料中的声明:

When writing a local account: You must create the "otherMails" claim from the "email" claim using the "CreateOtherMailsFromEmail" claims transformation and then persist the "otherMails" claim in the "AAD-UserWriteUsingLogonEmail" technical profile:

<TechnicalProfile Id="AAD-UserWriteUsingLogonEmail">
  ...
  <IncludeInSso>false</IncludeInSso>
  <InputClaimsTransformations>
    <InputClaimsTransformation ReferenceId="CreateOtherMailsFromEmail" />
  </InputClaimsTransformations>
  <InputClaims>
    ...
  </InputClaims>
  <PersistedClaims>
    ...
    <PersistedClaim ClaimTypeReferenceId="otherMails" />
  </PersistedClaims>
  <OutputClaims>
    ...
    <OutputClaim ClaimTypeReferenceId="otherMails" />
  </OutputClaims>
  ...
</TechnicalProfile>

然后,您必须从"LocalAccountSignUpWithLogonEmail"技术档案中传递"otherMails"声明,以调用该技术档案来注册本地帐户:

You must then pass the "otherMails" claim out from the "LocalAccountSignUpWithLogonEmail" technical profile that is invoked to register a local account:

<TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
    ...
    <OutputClaims>
        ...
        <OutputClaim ClaimTypeReferenceId="otherMails" />
    </OutputClaims>
</TechnicalProfile>

编写社交帐户时:已经从电子邮件"声明中创建了"otherMails"声明,然后将其保留在"AAD-UserWriteUsingAlternativeSecurityId"技术配置文件中.

When writing a social account: The "otherMails" claim is already created from the "email" claim and then persisted in the "AAD-UserWriteUsingAlternativeSecurityId" technical profile.

然后,您必须将"otherMails"声明从"SelfAsserted-Social"技术资料传递出去,该资料被调用来注册社交帐户:

You must then pass the "otherMails" claim out from the "SelfAsserted-Social" technical profile that is invoked to register a social account:

<TechnicalProfile Id="SelfAsserted-Social">
    ...
    <OutputClaims>
        ...
        <OutputClaim ClaimTypeReferenceId="otherMails" />
    </OutputClaims>
</TechnicalProfile>

在读取本地帐户或社交帐户时:已在"AAD-UserReadUsingObjectId","AAD-UserReadUsingEmailAddress"和"AAD-UserReadUsingAlternativeSecurityId"技术资料中读取"otherMails"声明.

When reading a local or social account: The "otherMails" claim is already read in the "AAD-UserReadUsingObjectId", "AAD-UserReadUsingEmailAddress", and "AAD-UserReadUsingAlternativeSecurityId" technical profiles.

然后,您必须从"LocalAccountDiscoveryUsingEmailAddress"技术配置文件中传递"otherMails"声明,并调用该技术配置文件来恢复本地密码:

You must then pass the "otherMails" claim out from the "LocalAccountDiscoveryUsingEmailAddress" technical profile that is invoked to recover a local password:

<TechnicalProfile Id="LocalAccountDiscoveryUsingEmailAddress">
    ...
    <OutputClaims>
        ...
        <OutputClaim ClaimTypeReferenceId="otherMails" />
    </OutputClaims>
</TechnicalProfile>

要通过注册/登录和密码重置策略将"otherMail"声明作为电子邮件"发布:您必须将"otherMails"声明作为<OutputClaim />添加到依赖方策略:

To issue the "otherMail" claim as "emails" from the sign-up/sign-in and password reset policies: You must add the "otherMails" claim as <OutputClaim /> to the relying party policies:

<RelyingParty>
    ...
    <TechnicalProfile Id="PolicyProfile">
        <OutputClaims>
            ...
            <OutputClaim ClaimTypeReferenceId="otherMails" PartnerClaimType="emails" />
        </OutputClaims>
    </TechnicalProfile>
</RelyingParty>

这篇关于返回有关自定义政策的电子邮件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

1403页,肝出来的..

09-08 03:14