I'm currently trying to revoke the sso session (using the sample here https://github.com/azure-ad-b2c/samples/tree/master/policies/revoke-sso-sessions) and revoke and refresh token user journey from the starter pack (https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/blob/main/LocalAccounts/TrustFrameworkBase.xml).
My problem is around the data types for refreshTokensValidFromDateTime, refreshTokenIssuedOnDateTime and lastLogonTime. For revoke sso session refreshTokensValidFromDateTime and lastLogonTime need to be dateTime for the date comparison, whilst for revoke refresh token they are strings for the assert.
I've tried to make them all dateTime and handle the revoke refresh token case with date comparison and a boolean assert, but getting the following error from the token endpoint:
The data type 'String' of the claim with id 'refreshTokenIssuedOnDateTime' does not match the DataType 'DateTime' of ClaimType with id 'refreshTokenIssuedOnDateTime' specified in the policy.
Doesn't look like there's any claim transformation that I could use (ie datetime to string or vice-versa). I could use a rest api to do the conversion, but seems like a rather poor solution.
Any other options please?
