Azure-docs: Found two issues uploading the policy
First issue:
policy "B2C_1A_TRUSTFRAMEWORKEXTENSIONS" of tenant "mytenant.onmicrosoft.com".Tenant "mytenant.onmicrosoft.com"
does not have CryptographicKey referenced by storageReferenceId "B2C_1A_AADAppSecret".
I resolved this by entering the value for the Policy Key I created in the section Create A Policy Key, step 6. in the following element:
Key Id="client_secret" StorageReferenceId="B2C_1A_MyAppSecret" />
Second Issue:
policy "B2C_1A_TRUSTFRAMEWORKEXTENSIONS" of tenant "mytenant.onmicrosoft.com".Policy "B2C_1A_TrustFrameworkExtensions" of tenant "mytenant.onmicrosoft.com"
makes a reference to ClaimType with id "socialIdpUserId" but neither the policy nor any of its base policies contain such an element.
I am not sure what to do here, I have removed the following line:
<OutputClaim ClaimTypeReferenceId="socialIdpUserId" PartnerClaimType="sub" />
And I was able to upload the policy. But not sure if I have now broken something else?
Document Details
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 171f21f0-1c8c-42f9-dbb8-2da1ebc70892
- Version Independent ID: fe1d0a08-231e-5094-2406-1b548cb1174e
- Content: Set up sign-in for a multi-tenant Azure AD identity provider using custom policies in Azure Active Directory B2C
- Content Source: articles/active-directory-b2c/active-directory-b2c-setup-commonaad-custom.md
- Service: active-directory
- GitHub Login: @davidmu1
- Microsoft Alias: davidmu
colinrippeyfinarne
All 5 comments
@colinrippeyfinarne Thank you for your feedback . We will investigate and update further.
shashishailaj
on 20 Mar 2019
As per the error, your
Ensure that it is defined in the policy files and try again. https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-guide-troubleshooting-custom
MarileeTurscak-MSFT
on 21 Mar 2019
Try the steps in the troubleshooting document linked and see if it helps. If you still have questions feel free to reach out to me on MSDN. It is more appropriate to transfer this issue there since this is more of a product question than a document issue. I'll be sure to respond if you would like to continue the conversation. https://social.msdn.microsoft.com/Forums/en-US/home?forum=WindowsAzureAD
MarileeTurscak-MSFT
on 21 Mar 2019
Hi @MarileeTurscak-MSFT my issue is directly related to this specific documentation page hence why I have raised them here and not on a product forum.
I have followed your steps and I have encountered these issues, and so I have provided feedback on this specific page.
If other users were to follow the exact same set of steps on this page they will likely encounter the same issues as I have, and so I would ask that these issues are investigated to provide clarity on this page.
colinrippeyfinarne
on 21 Mar 2019
A follow up to the second issue:
"policy "B2C_1A_TRUSTFRAMEWORKEXTENSIONS" of tenant "mytenant.onmicrosoft.com".Policy "B2C_1A_TrustFrameworkExtensions" of tenant "mytenant.onmicrosoft.com"
makes a reference to ClaimType with id "socialIdpUserId" but neither the policy nor any of its base policies contain such an element."
I have found the following reference in the TrustFrameworkBase.xml file:
<!-- The claim socialIdpUserId has been renamed to issuerUserId -->
<ClaimType Id="issuerUserId">
So I have updated the value in the TrustFrameworkExtensions.xml from
<OutputClaim ClaimTypeReferenceId="socialIdpUserId" PartnerClaimType="sub" />
To
<OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="sub" />
I no longer receive the error upon uploading the custom policy file TrustFrameworjExtensions.xml
colinrippeyfinarne
on 26 Mar 2019
Related issues
jharbieh
·
3Comments
ianpowell2017
·
3Comments
paulmarshall
·
3Comments
spottedmahn
·
3Comments
Agazoth
·
3Comments