Azure AD B2C – New phone sign in authentication method available (preview)

After being introduced for Azure Active Directory (AAD), the phone sign-in authentication method is now available (in preview) for Azure Active Directory Business to Consumer (AAD B2C).

This allows you to set up an authentication method that lets your consumer users authenticate using their phone number and a one-time code.

To start using it, you need to upload the custom policy for phone authentication (available at https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/master/scenarios/phone-number-passwordless) by logging on to your Azure AD B2C administration portal and accessing the Identity Experience Framework blade.

Before uploading the custom policy files, you need to:

  • Replace the default <TenantId> value (yourtenant.onmicrosoft.com) with your AAD B2C tenant. Use the search & replace function.
  • Add the application ID that will use phone authentication by replacing all instances of IdentityExperienceFrameworkAppId and ProxyIdentityExperienceFrameworkAppId in the Phone_Email_Base.xml file with the application ID.

Once this is done, you can upload the files in the following order:

  1. Phone_Email_Base.xml
  2. SignUpOrSignInWithPhone.xml
  3. SignUpOrSignInWithPhoneOrEmail.xml
  4. ProfileEditPhoneOnly.xml
  5. ProfileEditPhoneEmail.xml
  6. ChangePhoneNumber.xml
  7. PasswordResetEmail.xml
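
The search & replace step and the upload order above can be scripted and checked before anything is uploaded. The following Python is an added example, not part of the original post or the starter pack; the function names, the sample fragment, the `contoso` tenant and the GUIDs are constructed for illustration.

```python
import re
from pathlib import Path

# Upload order listed in the article (base policy first).
UPLOAD_ORDER = ["Phone_Email_Base.xml", "SignUpOrSignInWithPhone.xml",
                "SignUpOrSignInWithPhoneOrEmail.xml", "ProfileEditPhoneOnly.xml",
                "ProfileEditPhoneEmail.xml", "ChangePhoneNumber.xml",
                "PasswordResetEmail.xml"]
DEFAULT_TENANT = "yourtenant.onmicrosoft.com"
# "IdentityExperienceFrameworkAppId" is a suffix of the Proxy placeholder, so a
# plain search & replace of the short name first would leave "Proxy<id>" behind.
# One whole-token regex pass replaces both names safely.
PLACEHOLDER_RE = re.compile(r"\b(?:Proxy)?IdentityExperienceFrameworkAppId\b")


def prepare(text, tenant, app_ids):
    """Substitute the default tenant and the app-ID placeholders in one policy."""
    text = text.replace(DEFAULT_TENANT, tenant)
    return PLACEHOLDER_RE.sub(lambda m: app_ids.get(m.group(0), m.group(0)), text)


def leftovers(text):
    """Return placeholders still present (an empty list means ready to upload)."""
    found = set(PLACEHOLDER_RE.findall(text))
    return sorted(found | ({DEFAULT_TENANT} if DEFAULT_TENANT in text else set()))


def prepare_folder(src, dst, tenant, app_ids):
    """Write prepared copies to dst and return their names in upload order."""
    src, dst, ready = Path(src), Path(dst), []
    dst.mkdir(parents=True, exist_ok=True)
    for name in UPLOAD_ORDER:
        if not (src / name).exists():
            continue  # this scenario file was not downloaded
        text = prepare((src / name).read_text(encoding="utf-8"), tenant, app_ids)
        if leftovers(text):
            raise ValueError(f"{name}: unreplaced {leftovers(text)}")
        (dst / name).write_text(text, encoding="utf-8")
        ready.append(name)
    return ready


# Constructed fragment for illustration, not the real Phone_Email_Base.xml.
SAMPLE = ('<TenantId>yourtenant.onmicrosoft.com</TenantId>'
          '<Item Key="client_id">ProxyIdentityExperienceFrameworkAppId</Item>'
          '<Item Key="IdTokenAudience">IdentityExperienceFrameworkAppId</Item>')
# Constructed values; substitute your own tenant and application ID(s).
IDS = {"IdentityExperienceFrameworkAppId": "00000000-0000-0000-0000-000000000001",
       "ProxyIdentityExperienceFrameworkAppId": "00000000-0000-0000-0000-000000000002"}
```

Calling `prepare_folder("phone-number-passwordless", "ready", "contoso.onmicrosoft.com", IDS)` writes the substituted copies to `ready` and returns the file names in the order they should be uploaded, or raises if any placeholder is still present.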

NOTE: Azure automatically adds the prefix B2C_1A to the policy name.

Then you can test the flow by opening the B2C_1A_SignUpOrSignInWithPhone custom policy, selecting your application (referenced by the App ID you defined earlier) and using the Run Now button.

You will be able to sign in with a phone number. Depending on how the phone number is entered, the user may have to specify the country (that is, if the international dialling code is not provided).

[Screenshots: how it looks when registering]

[Screenshots: how it looks when authenticating]

Benoit Hamet