| Date | Change |
|---|---|
| Sep 2021 | New: Federate B2C as IdP for AAD (Direct Federation) |
| Sep 2021 | New: JIT Migration |
| Sep 2021 | Change: Simplified Invitation sample |
| Oct 2021 | Change: Added PS script to assign group to app role in B2C (AppRoles sample) |
| Oct 2021 | Change: Invitation sample supports local-only or federated-only accounts |
| Oct 2021 | New: Conditional Access |
| Nov 2021 | New: Persisted custom attribute |
| Dec 2021 | New: Optionally, allow profile edit during signin |
| Dec 2021 | Change: Multitenant sample now uses a new SPA app and updated policies and REST functions |
| Feb 2022 | New: Use AAD userinfo endpoint to get user's email address (in case AAD does not return it in the id_token) |
| Feb 2022 | New: Claims encryption |
| Mar 2022 | New: Step up MFA |
| Mar 2022 | Fixed: Refresh token |
| Name | Description |
|---|---|
| AllInOne | Allow profile edit during signin or password reset |
| AppRoles | Support for application roles using standard AAD features |
| B2CSendOTPWithO365 | Send email OTP using O365 |
| CheckEmail | Prevents users from signing up or in using emails with specific email domains |
| ConditionalAccess | Prevents users from signing up or in using emails with specific email domains |
| Claims encryption | Supports encryption/decryption of claims in a token |
| Custom, persisted attribute | Modifies starter pack to add support for a new, persisted custom user attribute |
| EmailOrUserId | Allow users to signup with both an email and a user id and user either to signin later on |
| EmailOrPhoneMFA | Allows local users to use either their email or phone for 2nd FA |
| ForceADWhenAvaialble | Users who signup with an email address supported by an AAD tenant will be automatically redirected there (rather than defining local password in B2C) |
| IdTokenSelfHint | Allows long-running native apps to initiate profile edit without needing to re-authenticate user |
| Invite | Create/use an invitation link using client_assertion request |
| JIT Migrate | Migrate users using an API to verify their legacy passwords |
| MultiTenant | Supports use of a single B2C tenant to support a muli-tenant SaaS application |
| PromptForToAAD | Passes whatever prompt parameter was used with B2C to a federated AAD. |
| RefreshToken | Rejects refresh token exchange if user requested its revocation |
| SamlIdP | Invite B2C users as B2B users in an Azure AD |
| Step up MFA | Require MFA even if recently executed |
| UseUserInfoforEmailClaim | Invite B2C users as B2B users in an Azure AD |