Azure AD B2C Custom UI with SAML relying party

Question

I'm trying to use a SAML relying party and send a custom UI content definition parameter, as disccribed in the docs. https://learn.microsoft.com/en-us/azure/active-directory-b2c/customize-ui-with-html?pivots=b2c-custom-policy

Example:

<RelyingParty>
    <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
    <UserJourneyBehaviors>
    <ContentDefinitionParameters>
        <Parameter Name="campaignId">{OAUTH-KV:campaignId}</Parameter>
    </ContentDefinitionParameters>
    </UserJourneyBehaviors>
    ...
</RelyingParty>

OAUTH-KV doesnt work with SAML (obvisously).

Is there any other way of getting a parameter sent with SAML that I can use as a ContentDefinitionParameter?

FYI we are already using {SAML:ProviderName}, {SAML:Issuer} and {SAML:Subject} for other purposes.

score 0 · Answer 1 · answered Mar 23 '21 at 16:41

The only supported values will the the claim resolvers listed in the documentation for SAML: https://learn.microsoft.com/en-us/azure/active-directory-b2c/claim-resolver-overview#saml

The best candidate for passing arbitrary data in the query string is {SAML:RelayState}.

The main reason for the difference is that OAuth explicitly allows for arbitrary parameters in the request whereas SAML is much more strict.

Azure AD B2C Custom UI with SAML relying party

1 Answers1