Merge pull request #107302 from yoelhor/patch-20

Update user-flow-disable-email-verification.md

Author: GitHubber17

articles/active-directory-b2c/TOC.yml

@@ -187,6 +187,8 @@
       - name: Custom email
         href: custom-email.md
         displayName: verification
+      - name: Disable email verification
+        href: custom-policy-disable-email-verification.md
       - name: Enable JavaScript
         href: javascript-samples.md
       - name: Password complexity

articles/active-directory-b2c/custom-policy-disable-email-verification.md

@@ -0,0 +1,56 @@
+---
+title: Disable email verification during customer sign-up with a custom policy
+titleSuffix: Azure AD B2C
+description: Learn how to disable email verification during customer sign-up in Azure Active Directory B2C.
+services: active-directory-b2c
+author: msmimart
+manager: celestedg
+
+ms.service: active-directory
+ms.workload: identity
+ms.topic: conceptual
+ms.date: 03/11/2020
+ms.author: mimart
+ms.subservice: B2C
+---
+
+# Disable email verification during customer sign-up using a custom policy in Azure Active Directory B2C
+
+[!INCLUDE [disable email verification intro](../../includes/active-directory-b2c-disable-email-verification.md)]
+
+## Prerequisites
+
+Complete the steps in [Get started with custom policies](custom-policy-get-started.md). You should have a working custom policy for sign-up and sign-in with social and local accounts.
+
+## Add the metadata to the self-asserted technical profile
+
+The **LocalAccountSignUpWithLogonEmail** technical profile is a [self-asserted](self-asserted-technical-profile.md), which is invoked during the sign-up flow. To disable the email verification, set the `EnforceEmailVerification` metadata to false. Override the LocalAccountSignUpWithLogonEmail technical profiles in the extension file. Find the `ClaimsProviders` element. Add the following claims provider to the `ClaimsProviders` element:
+
+
+```XML
+<ClaimsProvider>
+  <DisplayName>Local Account</DisplayName>
+  <TechnicalProfiles>
+    <TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
+      <Metadata>
+        <Item Key="EnforceEmailVerification">false</Item>
+      </Metadata>
+    </TechnicalProfile>
+  </TechnicalProfiles>
+</ClaimsProvider>
+```
+
+## Test the custom policy
+
+1. Sign in to the [Azure portal](https://portal.azure.com).
+2. Make sure you're using the directory that contains your Azure AD tenant by selecting the **Directory + subscription** filter in the top menu and choosing the directory that contains your Azure AD tenant.
+3. Choose **All services** in the top-left corner of the Azure portal, and then search for and select **App registrations**.
+4. Select **Identity Experience Framework**.
+5. Select **Upload Custom Policy**, and then upload the two policy files that you changed.
+2. Select the sign-up or sign-in policy that you uploaded, and click the **Run now** button.
+3. You should be able to sign up using an email address without the validation.
+
+
+## Next steps
+
+- Learn more about the [self-asserted technical profile](self-asserted-technical-profile.md) in the IEF reference.

articles/active-directory-b2c/user-flow-disable-email-verification.md

@@ -9,16 +9,14 @@ manager: celestedg
 ms.service: active-directory
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 09/25/2018
+ms.date: 03/11/2020
 ms.author: mimart
 ms.subservice: B2C
 ---
 
 # Disable email verification during customer sign-up in Azure Active Directory B2C
 
-By default, Azure Active Directory B2C (Azure AD B2C) verifies your customer's email address for local accounts (accounts for users who sign up with email address or username). Azure AD B2C ensures valid email addresses by requiring customers to verify them during the sign-up process. It also prevents a malicious actors from using automated processes to generate fraudulent accounts in your applications.
-
-Some application developers prefer to skip email verification during the sign-up process and instead have customers verify their email address later. To support this, Azure AD B2C can be configured to disable email verification. Doing so creates a smoother sign-up process and gives developers the flexibility to differentiate customers that have verified their email address from customers that have not.
+[!INCLUDE [disable email verification intro](../../includes/active-directory-b2c-disable-email-verification.md)]
 
 Follow these steps to disable email verification:
 
@@ -30,8 +28,10 @@ Follow these steps to disable email verification:
 1. Select **Page layouts**.
 1. Select **Local account sign-up page**.
 1. Under **User attributes**, select **Email Address**.
-1. In the **REQUIRES VERIFICATION** drop down, select **No**.
+1. In the **REQUIRES VERIFICATION** drop-down, select **No**.
 1. Select **Save**. Email verification is now disabled for this user flow.
 
-> [!WARNING]
-> Disabling email verification in the sign-up process may lead to spam. If you disable the default Azure AD B2C-provided email verification, we recommend that you implement a replacement verification system.
+## Next steps
+
+- Learn how to [customize the user interface in Azure Active Directory B2C](customize-ui-overview.md)
+

includes/active-directory-b2c-disable-email-verification.md

@@ -0,0 +1,16 @@
+---
+author: msmimart
+ms.service: active-directory-b2c
+ms.subservice: B2C
+ms.topic: include
+ms.date: 03/11/2020
+ms.author: mimart
+---
+## Disable email verification
+
+By default, Azure Active Directory B2C (Azure AD B2C) verifies your customer's email address for local accounts (accounts for users who sign up with email address or username). Azure AD B2C ensures valid email addresses by requiring customers to verify them during the sign-up process. It also prevents malicious actors from using automated processes to generate fraudulent accounts in your applications.
+
+Some application developers prefer to skip email verification during the sign-up process and instead have customers verify their email address later. To support this, Azure AD B2C can be configured to disable email verification. Doing so creates a smoother sign-up process and gives developers the flexibility to differentiate customers that have verified their email address from customers that have not.
+
+> [!WARNING]
+> Disabling email verification in the sign-up process may lead to spam. If you disable the default Azure AD B2C-provided email verification, we recommend that you implement a replacement verification system.