您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

客户在 Azure Active Directory B2C 中注册期间禁用电子邮件验证Disable email verification during customer sign-up in Azure Active Directory B2C

开始之前,请使用上面的选择器选择要配置的策略类型。Before you begin, use the selector above to choose the type of policy you’re configuring. Azure AD B2C 提供了两种定义用户如何与应用程序交互的方法:通过预定义的用户流,或者通过可完全配置的自定义策略Azure AD B2C offers two methods of defining how users interact with your applications: through predefined user flows, or through fully configurable custom policies. 对于每种方法,本文中所需的步骤都不同。The steps required in this article are different for each method.

默认情况下,Azure Active Directory B2C (Azure AD B2C) 将验证客户的本地帐户(使用电子邮件地址或用户名注册的用户的帐户)的电子邮件地址。By default, Azure Active Directory B2C (Azure AD B2C) verifies your customer's email address for local accounts (accounts for users who sign up with email address or username). Azure AD B2C 通过要求客户在注册过程中验证电子邮件地址来确保电子邮件地址有效。Azure AD B2C ensures valid email addresses by requiring customers to verify them during the sign-up process. 它还可防止恶意执行组件使用自动过程在您的应用程序中生成欺诈帐户。It also prevents malicious actors from using automated processes to generate fraudulent accounts in your applications.

某些应用程序开发人员愿意在注册过程中跳过电子邮件验证,而让客户在以后验证电子邮件地址。Some application developers prefer to skip email verification during the sign-up process and instead have customers verify their email address later. 要支持此功能,可将 Azure AD B2C 配置为禁用电子邮件验证。To support this, Azure AD B2C can be configured to disable email verification. 这样做可创建更流畅的注册过程,并使开发人员可以灵活地将已验证电子邮件地址的客户与尚未验证电子邮件地址的客户区分开来。Doing so creates a smoother sign-up process and gives developers the flexibility to differentiate customers that have verified their email address from customers that have not.

警告

在注册过程中禁用电子邮件验证可能会导致垃圾邮件。Disabling email verification in the sign-up process may lead to spam. 如果禁用默认 Azure AD B2C 提供的电子邮件验证,我们建议你实现替换验证系统。If you disable the default Azure AD B2C-provided email verification, we recommend that you implement a replacement verification system.

先决条件Prerequisites

禁用电子邮件验证Disable email verification

请按照以下步骤禁用电子邮件验证:Follow these steps to disable email verification:

  1. 登录到 Azure 门户Sign in to the Azure portal
  2. 使用顶部菜单中的“目录 + 订阅”筛选器来选择包含 Azure AD B2C 租户的目录。Use the Directory + subscription filter in the top menu to select the directory that contains your Azure AD B2C tenant.
  3. 在左侧菜单中,选择“Azure AD B2C”。In the left menu, select Azure AD B2C. 或者,选择“所有服务”并搜索并选择“Azure AD B2C”。Or, select All services and search for and select Azure AD B2C.
  4. 选择“用户流”。Select User flows.
  5. 选择要禁用电子邮件验证的用户流。Select the user flow for which you want to disable email verification. 例如,B2C_1_signinsignupFor example, B2C_1_signinsignup.
  6. 选择“页面布局”。Select Page layouts.
  7. 选择“本地帐户注册页”。Select Local account sign-up page.
  8. 用户属性 下,选择“电子邮件地址”。Under User attributes, select Email Address.
  9. 在 " 需要验证 " 下拉顺序中,选择 " "。In the REQUIRES VERIFICATION drop-down, select No.
  10. 选择“保存”。Select Save. 现在已为此用户流禁用电子邮件验证。Email verification is now disabled for this user flow.

LocalAccountSignUpWithLogonEmail 技术配置文件是 自行断言的,它是在注册流程中调用的。The LocalAccountSignUpWithLogonEmail technical profile is a self-asserted, which is invoked during the sign-up flow. 若要禁用电子邮件验证,请将 EnforceEmailVerification 元数据设置为 false。To disable the email verification, set the EnforceEmailVerification metadata to false. 覆盖扩展文件中的 LocalAccountSignUpWithLogonEmail 技术配置文件。Override the LocalAccountSignUpWithLogonEmail technical profiles in the extension file.

  1. 打开策略的扩展文件,Open the extensions file of your policy. 例如,SocialAndLocalAccounts/``TrustFrameworkExtensions.xmlFor example, SocialAndLocalAccounts/TrustFrameworkExtensions.xml.
  2. 查找 ClaimsProviders 元素。Find the ClaimsProviders element. 如果该元素不存在,请添加该元素。If the element doesn't exist, add it.
  3. 将以下声明提供程序添加到 ClaimsProviders 元素:Add the following claims provider to the ClaimsProviders element:
<ClaimsProvider>
  <DisplayName>Local Account</DisplayName>
  <TechnicalProfiles>
    <TechnicalProfile Id="LocalAccountSignUpWithLogonEmail">
      <Metadata>
        <Item Key="EnforceEmailVerification">false</Item>
      </Metadata>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>

测试策略Test your policy

  1. 登录到 Azure 门户Sign in to the Azure portal
  2. 使用顶部菜单中的“目录 + 订阅”筛选器来选择包含 Azure AD B2C 租户的目录。Use the Directory + subscription filter in the top menu to select the directory that contains your Azure AD B2C tenant.
  3. 在左侧菜单中,选择“Azure AD B2C”。In the left menu, select Azure AD B2C. 或者,选择“所有服务”并搜索并选择“Azure AD B2C”。Or, select All services and search for and select Azure AD B2C.
  4. 选择“用户流”。Select User flows.
  5. 选择要禁用电子邮件验证的用户流。Select the user flow for which you want to disable email verification. 例如,B2C_1_signinsignupFor example, B2C_1_signinsignup.
  6. 若要测试策略,请选择 " 运行用户流"。To test your policy, select Run user flow.
  7. 对于 " 应用程序",请选择前面注册的名为 testapp1-template.json 的 web 应用程序。For Application, select the web application named testapp1 that you previously registered. “回复 URL”应显示为 https://jwt.msThe Reply URL should show https://jwt.ms.
  8. 单击 "运行用户流"Click Run user flow
  9. 你应该能够在不进行验证的情况下使用电子邮件地址进行注册。You should be able to sign up using an email address without the validation.

更新和测试信赖方文件Update and test the relying party file

  1. 登录 Azure 门户Sign in to the Azure portal.
  2. 请确保使用包含 Azure AD 租户的目录,方法是选择顶部菜单中的“目录 + 订阅”筛选器,然后选择包含 Azure AD 租户的目录。Make sure you're using the directory that contains your Azure AD tenant by selecting the Directory + subscription filter in the top menu and choosing the directory that contains your Azure AD tenant.
  3. 选择 Azure 门户左上角的“所有服务”,然后搜索并选择“应用注册” 。Choose All services in the top-left corner of the Azure portal, and then search for and select App registrations.
  4. 选择“标识体验框架”。Select Identity Experience Framework.
  5. 选择“上传自定义策略”,然后上传已更改的两个策略文件。Select Upload Custom Policy, and then upload the two policy files that you changed.
  6. 选择已上传的注册或登录策略,并单击“立即运行”按钮。Select the sign-up or sign-in policy that you uploaded, and click the Run now button.
  7. 你应该能够在不进行验证的情况下使用电子邮件地址进行注册。You should be able to sign up using an email address without the validation.

后续步骤Next steps