AD B2C - Custom Policies - Evaluate custom extension

Hi,

Thanks for your clarification.

Remember:

1. AD B2C Custom Policy works as a declarative language, so you cannot think of it as imperative language. For example, it works like SQL instruction, you cannot "explain" how to execute a SELECT. Helps a lot consider it as a DFA that reads a string.
2. All the boolean custom claims have 3 values: not set (as NULL), true, or false. Why? Those are custom and the missing value in the existing records cannot compromise the working functionality. This rule is applied to the other types.
3. More than a "ClaimEquals" you should use the condition "ClaimExists" but you need to modify your TechnicalProfile to return it, and in the output claim it should be marked as optional (not specifying required="true").
4. Coming to your case you need to concatenate 2 preconditions, once for the existence and one for the value checks ( https://learn.microsoft.com/en-us/azure/active-directory-b2c/userjourneys#precondition ).

In case you need to force the setting of the MFA at the first or next login, I suggest you force the flow inside another SubJourney to edit the user profile and set it.