
I can't seem to get the values from the OutputClaims from my return object after making a REST API call to show up in the JWT token. I've tried this when I return a single string and it works fine, but this is returning an object that looks like this from my B2CResponseModel object.


Do I have to do some kind of mapping in the custom policies to match my return object, or is there a way for me to just pull a value like I am trying to do below? Thanks!

TrustFrameworkExtensions.xml

    <TechnicalProfile Id="REST-UserMigration-LocalAccount-SignUp">
        <DisplayName>Migrate user sign-up flow</DisplayName>
        <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
        <Metadata>
            <Item Key="ServiceUrl">https://*******/LocalAccountSignUp</Item>
            <Item Key="AuthenticationType">ApiKeyHeader</Item>
            <Item Key="SendClaimsIn">Body</Item>
            <Item Key="AllowInsecureAuthInProduction">True</Item>
        </Metadata>

        <CryptographicKeys>
            <Key Id="Ocp-Apim-Subscription-Key" StorageReferenceId="B2C_1A_RestApiKey" />
        </CryptographicKeys>

        <InputClaims>
            <InputClaim ClaimTypeReferenceId="email" PartnerClaimType="signInName"/>

            <!--AM Added-->
            <InputClaim ClaimTypeReferenceId="signInName" />
            <InputClaim ClaimTypeReferenceId="password" />
            <InputClaim ClaimTypeReferenceId="objectId" />
            <InputClaim ClaimTypeReferenceId="newPassword" />
            <InputClaim ClaimTypeReferenceId="reenterPassword" />
            .......
        </InputClaims>

        <!--AM Added-->
        <OutputClaims>
            <!-- Claims parsed from your REST API -->
            <OutputClaim ClaimTypeReferenceId="userMessage" />
            <OutputClaim ClaimTypeReferenceId="loyaltyNumber"/>
        </OutputClaims>
        <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
    </TechnicalProfile>

TrustFrameworkBase.xml

        <ClaimType Id="loyaltyNumber">
            <DisplayName>Loyalty Identification</DisplayName>
            <DataType>string</DataType>
            <UserHelpText>Your loyalty number from your membership card</UserHelpText>
        </ClaimType>

        <ClaimType Id="userMessage">
            <DisplayName>User Message</DisplayName>
            <DataType>string</DataType>
            <UserHelpText>User Message</UserHelpText>
        </ClaimType>

SignInSignup.xml

    <RelyingParty>
        <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
        <TechnicalProfile Id="PolicyProfile">
            <DisplayName>PolicyProfile</DisplayName>
            <Protocol Name="OpenIdConnect" />
            <OutputClaims>
                ....
                <OutputClaim ClaimTypeReferenceId="userMessage" DefaultValue="" />
                <OutputClaim ClaimTypeReferenceId="displayName" />
                <OutputClaim ClaimTypeReferenceId="loyaltyNumber" DefaultValue="" />
            </OutputClaims>
            <SubjectNamingInfo ClaimType="sub" />
        </TechnicalProfile>
    </RelyingParty>

brachen33
  • I would suggest reviewing this series of articles. AAD B2C custom policies seem to be very finicky but going through this series has greatly helped with my understanding, maybe it will for you as well: https://www.atmosera.com/blog/hello-world-and-then-some-with-azure-active-directory-b2c-custom-policies-part-5-hello-now-with-rest/ – mpoust Mar 09 '22 at 23:20
  • I'm not sure about this, but the field "userMessage" in your response is used by B2C internally to show error messages to the user, so there is no need to define a claim type; try removing that and see. If you need that message as a claim type, then give it another name. See this https://learn.microsoft.com/en-us/azure/active-directory-b2c/restful-technical-profile?msclkid=ff1d855ba6fd11eca71ade7513d7e7bf#returning-validation-error-message – Alex Mar 18 '22 at 20:59
