supriyahans26
Copper Contributor
May 02, 2023

Sign in with magic link

I am getting a validation failed error:

Validation failed: 4 validation error(s) found in policy "B2C_1A_MAGIC_LINK" of tenant "commuteB2Cint2.onmicrosoft.com".
Claim type "city" is the output claim of the relying party's technical profile, but it is not an output claim in any of the steps of user journey "SignInWithMagicLink".
Claim type "street" is the output claim of the relying party's technical profile, but it is not an output claim in any of the steps of user journey "SignInWithMagicLink".
Claim type "signInNames.email" is the output claim of the relying party's technical profile, but it is not an output claim in any of the steps of user journey "SignInWithMagicLink".
Claim type "name" is the output claim of the relying party's technical profile, but it is not an output claim in any of the steps of user journey "SignInWithMagicLink".

 

Here is the user journey. It just has 2 steps: one is to extract the claims (signInNames.email, city, street, and name), and the second step is to return them in the JWT token.

<UserJourney Id="SignInWithMagicLink">
  <OrchestrationSteps>

    <!--Sample: Read the input claims from the id_token_hint-->
    <OrchestrationStep Order="1" Type="GetClaims" CpimIssuerTechnicalProfileReferenceId="IdTokenHint_ExtractClaims" />

    <!--Sample: Issue an access token-->
    <OrchestrationStep Order="2" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer"/>

  </OrchestrationSteps>
  <ClientDefinition ReferenceId="DefaultWeb"/>
</UserJourney>

And in CLAIMSPROVIDEREXTENSION, these are the 2 technical profiles:

<ClaimsProvider>
  <DisplayName>My ID Token Hint ClaimsProvider</DisplayName>
  <TechnicalProfiles>
    <TechnicalProfile Id="IdTokenHint_ExtractClaims">
      <DisplayName> My ID Token Hint TechnicalProfile</DisplayName>
      <Protocol Name="OpenIdConnect" />
      <Metadata>
        <Item Key="METADATA">$$$$$$$$$$$$$$</Item>
        <Item Key="issuer">$$$$$$$$$$$$$</Item>
        <Item Key="IdTokenAudience">$$$$$$</Item>
      </Metadata>
      <OutputClaims>
        <!--Sample: Read the email claim from the id_token_hint-->
        <OutputClaim ClaimTypeReferenceId="signInNames.email" />
        <OutputClaim ClaimTypeReferenceId="city" />
        <OutputClaim ClaimTypeReferenceId="street" />
        <OutputClaim ClaimTypeReferenceId="name" />
      </OutputClaims>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>


<TechnicalProfile Id="JwtIssuer">
  <DisplayName>JWT Issuer</DisplayName>
  <Protocol Name="None" />
  <OutputTokenFormat>JWT</OutputTokenFormat>
  <Metadata>
    <Item Key="client_id">{service:te}</Item>
    <Item Key="issuer_refresh_token_user_identity_claim_type">objectId</Item>
    <Item Key="SendTokenResponseBodyWithJsonNumbers">true</Item>
  </Metadata>
  <CryptographicKeys>
    <Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer" />
    <Key Id="issuer_refresh_token_key" StorageReferenceId="B2C_1A_TokenEncryptionKeyContainer" />
  </CryptographicKeys>
  <InputClaims />
  <OutputClaims />
</TechnicalProfile>

Can someone help me understand why I am getting the validation exception?
 
 
  • supriyahans26
    Copper Contributor
    The ID token hint will have signin.email, city, street and name, which need to be returned as part of the claims in the JWT token returned, but I keep getting the validation error.
