B2C Error while user sign in

Vikas Tiwari 771 Reputation points
2020-08-13T04:43:08.787+00:00

Hi @AmanpreetSingh-MSFT,

I am trying a seamless user migration to B2C through a custom policy. The following are the policy details I am running:

  <RelyingParty>
    <DefaultUserJourney ReferenceId="SignUpOrSignInWithUsername" />
    <UserJourneyBehaviors>
      <JourneyInsights TelemetryEngine="ApplicationInsights" InstrumentationKey="app-insight-instrumentation-key" DeveloperMode="true" ClientEnabled="false" ServerEnabled="true" TelemetryVersion="1.0.0" />
    </UserJourneyBehaviors>
    <TechnicalProfile Id="PolicyProfile">
      <DisplayName>PolicyProfile</DisplayName>
      <Protocol Name="OpenIdConnect" />
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="displayName" />
        <OutputClaim ClaimTypeReferenceId="givenName" />
        <OutputClaim ClaimTypeReferenceId="surname" />
        <OutputClaim ClaimTypeReferenceId="email" />
        <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" />
        <OutputClaim ClaimTypeReferenceId="signinname" />
      </OutputClaims>
      <SubjectNamingInfo ClaimType="sub" />
    </TechnicalProfile>
  </RelyingParty>
</TrustFrameworkPolicy>

While running this policy and signing in with username and password, I am getting the following error:

"The metadata endpoint 'https://login.microsoftonline.com/{tenant}/.well-known/openid-configuration' returned the following status code: '400'"

I do not understand the failure reason. I have tried to get details in Application Insights, but it didn't have any details.

Could you please help me understand where it's going wrong, or how I can get a detailed error description and the possible failure reason?

Thanks for your help.


Accepted answer
    AmanpreetSingh-MSFT 56,646 Reputation points
    2020-08-13T16:18:59.887+00:00

    Hello @Vikas Tiwari

    Since you are facing this issue during sign in, the technical profile you need to look at is login-NonInteractive (in TrustFrameworkBase.xml by default), where we have the Metadata item key with the OIDC metadata URL, as highlighted below:

    [image: 17531-untitled.png]

    The {tenant} parameter in the URL should be translated to your B2C tenant name, and looking at the error it is being passed as {tenant} only. In my case it is getting translated to my tenant name and I am able to sign in with username successfully.

    Just to confirm that {tenant} is being translated to my tenant name, I updated the OIDC metadata URL to https://wrong-login.microsoftonline.com/{tenant}/.well-known/openid-configuration (with wrong- at the beginning of the URL) and I can see my tenant name in the error:

    [image: 17534-image.png]

    To replicate your error, I just updated {tenant} to {tenant2} and encountered the exact same error that you are getting:

    [image: 17458-image.png]

    The {tenant} to actual tenant name translation should happen automatically. If it is not happening, you can explicitly specify your tenant name in the OIDC metadata URL as mentioned below:

    https://login.microsoftonline.com/yourB2cTenant.onmicrosoft.com/.well-known/openid-configuration

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
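As an added example (not part of the answer above or of the B2C starter pack), here is a small check that scans a custom policy file for Metadata items still carrying the {tenant} placeholder and rewrites them to the explicit tenant form the answer suggests as a fallback. The sample policy is constructed for the example: only the METADATA value comes from the page; the rest of the login-NonInteractive profile and the TenantId attribute are assumed to follow the usual TrustFrameworkBase.xml layout.

```python
import xml.etree.ElementTree as ET

# B2C custom policy files all use this namespace.
B2C_NS = "http://schemas.microsoft.com/online/cpim/schemas/2013/06"
NS = {"tf": B2C_NS}
TP_TAG = "{%s}TechnicalProfile" % B2C_NS
PLACEHOLDER = "{tenant}"

# Constructed sample: only the parts of a TrustFrameworkBase.xml that matter here.
# The METADATA value is the one from the answer; the surrounding elements are assumed.
SAMPLE_POLICY = """<TrustFrameworkPolicy xmlns="%s" TenantId="yourB2cTenant.onmicrosoft.com">
  <ClaimsProviders><ClaimsProvider><TechnicalProfiles>
    <TechnicalProfile Id="login-NonInteractive">
      <Protocol Name="OpenIdConnect" />
      <Metadata>
        <Item Key="METADATA">https://login.microsoftonline.com/{tenant}/.well-known/openid-configuration</Item>
        <Item Key="response_types">id_token</Item>
      </Metadata>
    </TechnicalProfile>
  </TechnicalProfiles></ClaimsProvider></ClaimsProviders>
</TrustFrameworkPolicy>""" % B2C_NS


def find_unresolved_tenant_items(policy_xml):
    """List (technical profile Id, Item Key, value) for every Metadata Item
    whose value still carries the {tenant} placeholder."""
    root = ET.fromstring(policy_xml)
    hits = []
    for tp in root.iter(TP_TAG):
        for item in tp.findall("tf:Metadata/tf:Item", NS):
            if item.text and PLACEHOLDER in item.text:
                hits.append((tp.get("Id"), item.get("Key"), item.text))
    return hits


def resolve_tenant_placeholder(policy_xml, tenant_name=None):
    """Return the policy with {tenant} replaced by an explicit tenant name,
    taken from the policy's own TenantId attribute unless one is given."""
    root = ET.fromstring(policy_xml)
    tenant = tenant_name or root.get("TenantId")
    if not tenant:
        raise ValueError("no tenant name given and the policy has no TenantId")
    for tp in root.iter(TP_TAG):
        for item in tp.findall("tf:Metadata/tf:Item", NS):
            if item.text and PLACEHOLDER in item.text:
                item.text = item.text.replace(PLACEHOLDER, tenant)
    ET.register_namespace("", B2C_NS)  # keep the default namespace on output
    return ET.tostring(root, encoding="unicode")
```

Run find_unresolved_tenant_items over each policy file before uploading to see which profiles rely on the placeholder; resolve_tenant_placeholder produces the explicit-tenant variant of the answer's fallback, which should be reviewed before it replaces the original file.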

