Can I disable sign-up in Azure AD B2C?

Built-in Policies

Yes, only define a Sign-in policy.

Do not define a Sign-up or Sign-in policy nor a Sign-up policy.

Custom Policies

The problem with a sign-in only policy is you only have basic UI customization options. You do not get the full set of features as described here.

With custom policies, you can define a Sign-Up/Sign-In policy and then disable the Sign-Up portion. This allows for the same level if UI customization as described here.

  1. Hide the Sign-Up link via CSS
  2. Remove <Item Key="SignUpTarget">SignUpWithLogonUsernameExchange</Item> from your TechnicalProfile
<TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Username-NoSignUp">
    <DisplayName>Local Account Signin</DisplayName>
    <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
    <Metadata>
        <!-- Want to disable sign-up on unified policy -->
        <!-- <Item Key="SignUpTarget">SignUpWithLogonUsernameExchange</Item> -->
        <Item Key="setting.operatingMode">Username</Item>
        <Item Key="ContentDefinitionReferenceId">api.selfasserted-ext-local</Item>
        <Item Key="language.button_continue">Login</Item>
    </Metadata>
    ...
</TechnicalProfile>

In Built-in policies (aka User Flows) you can choose a sign-in only policy.

In Custom Policies you can use the metadata properties shown in the snippet below, without defining any custom css.

<TechnicalProfile Id="SelfAsserted-LocalAccountSignin-Email">
  <DisplayName>Local Account Signin</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
  <Metadata>
    <!-- Clear SignUpTarget for security reasons -->
    <Item Key="SignUpTarget"></Item>
    <Item Key="setting.operatingMode">Email</Item>
    <Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
    <!-- Remove signup and forgot password links -->
    <Item Key="setting.showSignupLink">false</Item>
    <Item Key="setting.forgotPasswordLinkLocation">None</Item>
  </Metadata>
  ...
</TechnicalProfile>

Tags:

Azure Ad B2C

Recent Posts