You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory-b2c/self-asserted-technical-profile.md
+7-5Lines changed: 7 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -9,7 +9,7 @@ manager: celestedg
9
9
ms.service: active-directory
10
10
ms.workload: identity
11
11
ms.topic: reference
12
-
ms.date: 02/17/2020
12
+
ms.date: 03/16/2020
13
13
ms.author: mimart
14
14
ms.subservice: B2C
15
15
---
@@ -64,8 +64,8 @@ In the display claims collection, you can include a reference to a [DisplayContr
64
64
65
65
The following example `TechnicalProfile` illustrates the use of display claims with display controls.
66
66
67
-
* The first display claim makes a reference to the `emailVerificationControl` display control which collects and verifies the email address.
68
-
* The fifth display claim makes a reference to the `phoneVerificationControl` display control which collects and verifies a phone number.
67
+
* The first display claim makes a reference to the `emailVerificationControl` display control, which collects and verifies the email address.
68
+
* The fifth display claim makes a reference to the `phoneVerificationControl` display control, which collects and verifies a phone number.
69
69
* The other display claims are ClaimTypes to be collected from the user.
70
70
71
71
```XML
@@ -117,6 +117,8 @@ The `age` claim in the base policy is no longer presented on the screen to the u
117
117
118
118
The **OutputClaims** element contains a list of claims to be returned to the next orchestration step. The **DefaultValue** attribute takes effect only if the claim has never been set. If it was set in a previous orchestration step, the default value does not take effect even if the user leaves the value empty. To force the use of a default value, set the **AlwaysUseDefaultValue** attribute to `true`.
119
119
120
+
For security reasons, a password claim value (`UserInputType` set to `Password`) is available only to the self-asserted technical profile's validation technical profiles. You cannot use password claim in the next orchestration steps.
121
+
120
122
> [!NOTE]
121
123
> In previous versions of the Identity Experience Framework (IEF), output claims were used to collect data from the user. To collect data from the user, use a **DisplayClaims** collection instead.
122
124
@@ -126,7 +128,7 @@ The **OutputClaimsTransformations** element may contain a collection of **Output
126
128
127
129
In a self-asserted technical profile, the output claims collection returns the claims to the next orchestration step.
128
130
129
-
You should use output claims when:
131
+
Use output claims when:
130
132
131
133
-**Claims are output by output claims transformation**.
132
134
-**Setting a default value in an output claim** without collecting data from the user or returning the data from the validation technical profile. The `LocalAccountSignUpWithLogonEmail` self-asserted technical profile sets the **executed-SelfAsserted-Input** claim to `true`.
@@ -190,7 +192,7 @@ You can also call a REST API technical profile with your business logic, overwri
190
192
| AllowGenerationOfClaimsWithNullValues| No| Allow to generate a claim with null value. For example, in a case user doesn't select a checkbox.|
191
193
| ContentDefinitionReferenceId | Yes | The identifier of the [content definition](contentdefinitions.md) associated with this technical profile. |
192
194
| EnforceEmailVerification | No | For sign-up or profile edit, enforces email verification. Possible values: `true` (default), or `false`. |
193
-
| setting.retryLimit | No | Controls the number of times a user can try to provide the data that is checked against a validation technical profile. For example, a user tries to sign-up with an account that already exists and keeps trying until the limit reached.
195
+
| setting.retryLimit | No | Controls the number of times a user can try to provide the data that is checked against a validation technical profile. For example, a user tries to sign-up with an account that already exists and keeps trying until the limit reached.
194
196
| SignUpTarget <sup>1</sup>| No | The signup target exchange identifier. When the user clicks the sign-up button, Azure AD B2C executes the specified exchange identifier. |
195
197
| setting.showCancelButton | No | Displays the cancel button. Possible values: `true` (default), or `false`|
196
198
| setting.showContinueButton | No | Displays the continue button. Possible values: `true` (default), or `false`|
0 commit comments