Question:
I’m using an Azure B2C tenant for an application I am building.One of the requirements of the application is that I need to allow users to register by company. Each user should see all company resources in the application.
I see that I can add custom attributes on the registraion as stated in the Microsoft docs here but I am not sure if this the best way to handle.
I did some searching but didn’t see any good examples of how to implement this I could work from.
I know I would need to store the company, in some form, when the user registers, but what is the best practice for doing this with Azure B2C?
How do we avoid someone registering with the wrong company? Limit access by domain and or company? Additional approval?
Answer:
When you say “register by company”, it sounds like you want to associate each user with a company. A custom attribute seems like an appropriate solution. It would store a simple text value representing the company by name or ID. However, a better determination depends on exactly what your intention is.Custom attributes are described here.
User interface customization, to add something like a company list dropdown, is described here.
How do we avoid someone registering with the wrong company? Limit access by domain and or company? Additional approval?
These sound like validation requirements. I would thus suggest you use a custom policy, as opposed to a user flow. This allows you to implement complex custom data validation by connecting to your own API/business validation logic. This is referred to as a “validation profile” that you would invoke during user registration [journey] to determine if it is a valid registration.
User flows vs custom policies are compared here.
See the last line of the table “Comparing user flows and custom policies” where it mentions “Validate user provided information with a trusted system by using an API.”
So, basically, you can interrupt the user registration by sending the input to your own internal API and return a success flag to indicate whether the registration should proceed or not.
If you have better answer, please add a comment about this, thank you!