Welcome to WuJiGu Developer Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

0 votes
2.0k views
in Technique[技术] by (71.8m points)

azure ad b2c - How can I return the PolicyId Claim after executing my Custom SignUpSignIn policy?

I would like the policyId to be included in the claims that are returned when my Customized SignUpSignIn policy is executed.

I think this should be in claim Id tfp.

There is an article on how to do this.

In the section "Setting claim representing policy ID" it says to include the key AuthenticationContextReferenceClaimPattern in the "Token Issuer" ClaimsProvider override.

<ClaimsProviders>
  <ClaimsProvider>
    <DisplayName>Token Issuer</DisplayName>
    <TechnicalProfiles>
      <TechnicalProfile Id="JwtIssuer">
        <Metadata>
          .....
          <Item Key="AuthenticationContextReferenceClaimPattern">None</Item>
        </Metadata>
      </TechnicalProfile>
    </TechnicalProfiles>
  </ClaimsProvider>
</ClaimsProviders>

And then you have to add the trustFrameworkPolicy in your outputClaims. I think like this:

<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="displayName" />
      <OutputClaim ClaimTypeReferenceId="givenName" />
      <OutputClaim ClaimTypeReferenceId="surname" />
      ......
      <OutputClaim ClaimTypeReferenceId="trustFrameworkPolicy" Required="true" DefaultValue="{policy}" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="sub" />
  </TechnicalProfile>
</RelyingParty>

But when I upload this Custom Policy file an error is displayed:

"Policy "B2C_1A_xxxx" of tenant "yyyyy.onmicrosoft.com" makes a reference to ClaimType with id "trustframeworkPolicy" but neither the policy nor any of its base policies contain such an element."

Meaning it can't find the ClaimTypeReferenceId: "trustFrameworkPolicy".

Do I have to add a claim definition of the ClaimType "trustframeworkPolicy" in the ClaimsSchema?

If so, what does it look like?


1 Answer

0 votes
by (71.8m points)

Add the following ClaimType to TrustFrameworkExtensions.xml:

<ClaimType Id="trustFrameworkPolicy">
    <DisplayName>Trust Framework Policy</DisplayName>
    <DataType>string</DataType>
    <DefaultPartnerClaimTypes>
        <Protocol Name="OAuth2" PartnerClaimType="tfp" />
        <Protocol Name="OpenIdConnect" PartnerClaimType="tfp" />
    </DefaultPartnerClaimTypes>
</ClaimType>

Note: ClaimType should be a child node of <ClaimsSchema><BuildingBlocks>
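
The upload error in the question can be reproduced locally before uploading. The following is an added example, not part of the original answer or of any Microsoft tooling: a small Python check that collects every ClaimType Id declared across a relying-party policy and its base policies and reports each ClaimTypeReferenceId that none of them defines. The function name and the sample policies are hypothetical and constructed for illustration.

```python
import xml.etree.ElementTree as ET

def local(tag):
    """Strip an XML namespace so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def undefined_claim_refs(*policy_xml):
    """Return ClaimTypeReferenceId values not defined by any given policy.

    Pass the relying-party policy together with its base policies, since a
    ClaimType may be declared anywhere in that chain. Ids are compared as
    exact strings (an assumption of this sketch).
    """
    defined, referenced = set(), set()
    for text in policy_xml:
        for el in ET.fromstring(text).iter():
            if local(el.tag) == "ClaimType" and el.get("Id"):
                defined.add(el.get("Id"))
            ref = el.get("ClaimTypeReferenceId")
            if ref:
                referenced.add(ref)
    return sorted(referenced - defined)

# Constructed sample input, cut down from the snippets in this thread.
RELYING_PARTY = """<TrustFrameworkPolicy>
  <RelyingParty>
    <TechnicalProfile Id="PolicyProfile">
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="displayName" />
        <OutputClaim ClaimTypeReferenceId="trustFrameworkPolicy" Required="true" DefaultValue="{policy}" />
      </OutputClaims>
    </TechnicalProfile>
  </RelyingParty>
</TrustFrameworkPolicy>"""

BASE = """<TrustFrameworkPolicy><BuildingBlocks><ClaimsSchema>
  <ClaimType Id="displayName"><DataType>string</DataType></ClaimType>
</ClaimsSchema></BuildingBlocks></TrustFrameworkPolicy>"""

EXTENSIONS_FIXED = """<TrustFrameworkPolicy><BuildingBlocks><ClaimsSchema>
  <ClaimType Id="trustFrameworkPolicy"><DataType>string</DataType></ClaimType>
</ClaimsSchema></BuildingBlocks></TrustFrameworkPolicy>"""

if __name__ == "__main__":
    print(undefined_claim_refs(RELYING_PARTY, BASE))                    # before the fix
    print(undefined_claim_refs(RELYING_PARTY, BASE, EXTENSIONS_FIXED))  # after the fix
```

To run it against real files, read each policy file's text and pass all of them in one call.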

