Map REST API response with collection of objects from B2C custom policy

Question

I am implementing REST API call from B2C custom policy and have a few doubts.

The first one is it possible to have an output claim with collection of objects? For example, REST API response has a collection of objects "prop2".

{
  "prop1": "586ee92e-d090-415f-a874-b3999243c6f3",
  "prop2": [
    {
      "prop2_1": "a41e092c-460e-41cf-9c62-b75119a85019",
      "prop2_2": "testA"
    }
  ]
}

According to documentation there is a way to map collection of objects to collection of strings (data types), but this option is not suitable for us.

I was trying to map collection of objects to collection of strings - it works, but JWT token contains "escape" characters (\r\n).

{
  "prop1": "586ee92e-d090-415f-a874-b3999243c6f3",
  "prop2": [
    "{\r\n  \"prop2_1\": \"a41e092c-460e-41cf-9c62-b75119a85019\",\r\n  \"prop2_2\": \"test\" }"
  ]
}

The second thing - is it possible to remove "escape" characters (\r\n) from each string of collection?

Thank you for any feedback.

Answer 1

I had a similar situation. You can pass the collection of objects as just a long string in JSON format. Then, your receiving application can parse the JSON and turn it into a true collection.

So you can store this entire object as just a string:

"{\"prop1\":\"VALUE\","prop2":[{\"prop2_1\":\"VALUE\",\"prop2_2\":\"testA\"}]}"

Again, you are not using a true 'object' anywhere in the custom policy for this claim. Simply treat it as a string you are passing through to the client application. Make it the responsibility of the client application to parse the string into a JSON object.

In this scenario, you could also just allow your client application to remove the "\r\n" character.

This is all assuming your B2C custom policy is just being used as a pass-through mechanism. If, instead, you are doing claim transformations on the object, more complexity is required. However, it is not possible to determine that based on the details provided in your question.