B2C Custom Policy REST Integration Error

Nijo Joseph Raju 141 Reputation points MVP
2020-08-03T17:41:10.733+00:00

Hello All,

I am new to Azure and B2C. I was trying REST API integration as explained here

I have followed the same steps but I am getting an error when I try to upload "SignUpOrSignin" policy file.

Validation failed: 1 validation error(s) found in policy "B2C_1A_SIGNUP_SIGNIN" of tenant "****.onmicrosoft.com".Claim type "identityProvider" is the output claim of the relying party's technical profile, but it is not an output claim in any of the steps of user journey "SignUpOrSignIn".

Please advise, I have tried all the options to fix this issue from rookie level.

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,851 questions
0 comments
Accepted answer
  1. Nijo Joseph Raju 141 Reputation points MVP
    2020-08-09T13:22:48.38+00:00

    Hello,

    It worked when I added the output claim for "identity provider" in the "SelfAsserted-LocalAccountSignin-Email " Technical claim also.

    Nijo

    1 person found this answer helpful.
    0 comments

3 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Saurabh Sharma 23,806 Reputation points Microsoft Employee
    2020-08-03T23:25:05.677+00:00

    @Nijo Joseph Raju Can you please check if your trustframeworkbase file contains "identityProvider" claims under ClaimsSchema.
    <ClaimType Id="identityProvider">
    <DisplayName>Identity Provider</DisplayName>
    <DataType>string</DataType>
    <DefaultPartnerClaimTypes>
    <Protocol Name="OAuth2" PartnerClaimType="idp" />
    <Protocol Name="OpenIdConnect" PartnerClaimType="idp" />
    <Protocol Name="SAML2" PartnerClaimType="http://schemas.microsoft.com/identity/claims/identityprovider" />
    </DefaultPartnerClaimTypes>
    <UserHelpText/>
    </ClaimType>
    Also, please make sure to upload the policies in below order -

    1. TrustFrameworkBase.xml
    2. TrustFrameworkExtensions.xml
    3. SignUpOrSignin.xml
    4. ProfileEdit.xml
    5. PasswordReset.xml

    If you still faces any issue, I suggest you to please attach policies files here so that I can validate it as well.

    1 person found this answer helpful.
    0 comments
  2. Saurabh Sharma 23,806 Reputation points Microsoft Employee
    2020-08-07T00:19:49.8+00:00

    @Nijo Joseph Raju I have looked into your policies and trustframeworkbase file was missing "identityProvider" claims in output claims of Claims Provider section.
    16224-image.png
    I have attached the updated policy with this response. I have tested this in my environment and your policies are uploading correctly now. Please upload the policies in order - base policy then extension policy and let me know if you see any issues.
    16272-trustframeworkbase.xml

    1 person found this answer helpful.
    0 comments
  3. Nijo Joseph Raju 141 Reputation points MVP
    2020-08-04T18:09:37.247+00:00

    Hello @Saurabh Sharma ,

    Thank you for your reply.
    Yes, my trustframeworkbase file contains "identityProvider".
    I had uploaded in the same order itself.

    I have attached the15506-signuporsignin.xml15548-trustframeworkbase.xml15529-trustframeworkextensions.xml files please advise.

    Many thanks.
    Nijo

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.