可用于 Azure AD B2C 的 Microsoft Graph 操作Microsoft Graph operations available for Azure AD B2C

支持用于管理 Azure AD B2C 资源(包括用户、标识提供者、用户流、自定义策略和策略密钥)的下列 Microsoft Graph API 操作。The following Microsoft Graph API operations are supported for the management of Azure AD B2C resources, including users, identity providers, user flows, custom policies, and policy keys.

以下各部分中的每个链接对应于 Microsoft Graph API 参考中该操作的相应页面。Each link in the following sections targets the corresponding page within the Microsoft Graph API reference for that operation.

用户管理User management

有关使用 Microsoft Graph API 管理 Azure AD B2C 用户帐户的详细信息,请参阅使用 Microsoft Graph 管理 Azure AD B2C 用户帐户For more information about managing Azure AD B2C user accounts with the Microsoft Graph API, see Manage Azure AD B2C user accounts with Microsoft Graph.

用户电话号码管理User phone number management

有关使用 Microsoft Graph API 管理用户登录电话号码的详细信息,请参阅 B2C 身份验证方法For more information about managing user's sign-in phone number with the Microsoft Graph API, see B2C Authentication Methods.

标识提供者(用户流)Identity providers (user flow)

管理 Azure AD B2C 租户中的用户流可用的标识提供者。Manage the identity providers available to your user flows in your Azure AD B2C tenant.

用户流User flow

配置用于注册、登录、组合式注册和登录、密码重置和配置文件更新的预先生成的策略。Configure pre-built policies for sign-up, sign-in, combined sign-up and sign-in, password reset, and profile update.

自定义策略Custom policies

下列操作可用于管理你的 Azure AD B2C 信任框架策略(称为自定义策略)。The following operations allow you to manage your Azure AD B2C Trust Framework policies, known as custom policies.

策略密钥Policy keys

Identity Experience Framework 存储着自定义策略中引用的机密,以在组件之间建立信任关系。The Identity Experience Framework stores the secrets referenced in a custom policy to establish trust between components. 这些机密可以是对称或非对称密钥/值。These secrets can be symmetric or asymmetric keys/values. 在 Azure 门户中,这些实体显示为 策略密钥In the Azure portal, these entities are shown as Policy keys .

Microsoft Graph API 中策略密钥的顶层资源是信任的框架密钥集The top-level resource for policy keys in the Microsoft Graph API is the Trusted Framework Keyset. 每个 密钥集 都包含至少一个 密钥Each Keyset contains at least one Key . 若要创建密钥,请先创建一个空的密钥集,然后在密钥集中生成一个密钥。To create a key, first create an empty keyset, and then generate a key in the keyset. 你可以创建手动机密、上传证书或 PKCS12 密钥。You can create a manual secret, upload a certificate, or a PKCS12 key. 密钥可以是生成的机密、你定义的字符串或你上传的证书。The key can be a generated secret, a string you define, or a certificate you upload. 如果密钥集具有多个密钥,则只有其中一个密钥处于活动状态。If a keyset has multiple keys, only one of the keys is active.

信任框架策略密钥集Trust Framework policy keyset

信任框架策略密钥Trust Framework policy key

应用程序Applications

应用程序扩展属性Application extension properties

Azure AD B2C 提供一个目录,其中可以保存每个用户的 100 个自定义属性。Azure AD B2C provides a directory that can hold 100 custom attributes per user. 对于用户流,可使用 Azure 门户管理这些扩展属性。For user flows, these extension properties are managed by using the Azure portal. 对于自定义策略,Azure AD B2C 在策略首次向扩展属性中写入值时替你创建属性。For custom policies, Azure AD B2C creates the property for you the first time the policy writes a value to the extension property.

审核日志Audit logs