ClaimsTransformation error in custom policy

Time:12-03

On Azure B2C I've created a custom policy to connect a Spring application using the SAML protocol. This application uses SAML to connect to B2C, then B2C uses an external IdP on KeyCloak to perform the authentication.

I followed this documentation to set up my client on KeyCloak.

When I do the login in my Spring application, through the Chrome console each network call seems fine, but at the last SAML assertion I obtain this error:

Response has invalid status code urn:oasis:names:tc:SAML:2.0:status:Responder, status message is Id:3e00c8b4-d645-44f9-a3ab-fd3400bee95c ; Message: A claim with id 'issuerUserId' was not found, which is required by ClaimsTransformation 'CreateAlternativeSecurityId' with id 'CreateAlternativeSecurityId' in policy 'B2C_1A_signup_signin_saml' of tenant 'mytenant.onmicrosoft.com'.

I think the problem is in

<OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId"/>

But I can't figure out how to resolve it. Any suggestions?

CodePudding user response:

The problem is in the mapping of the SAML to B2C claims.

Refer to this.

Nothing is being mapped to "issuerUserId" or if there is a mapping, it's mapping something that doesn't exist on the SAML side.
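
One way to run the check this answer describes, as an added example that is not part of the original post: compare the `OutputClaim` mappings of the SAML technical profile against the attributes actually present in the assertion from the IdP. The profile id `Keycloak-SAML2`, the `userId` attribute name and both XML fragments are constructed for illustration; treating `assertionSubjectName` as B2C's name for the assertion's NameID is an assumption here.

```python
import xml.etree.ElementTree as ET

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
B2C = "{http://schemas.microsoft.com/online/cpim/schemas/2013/06}"

# Constructed technical-profile fragment (not the asker's real policy).
PROFILE_XML = """
<TechnicalProfile Id="Keycloak-SAML2" xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="userId" />
    <OutputClaim ClaimTypeReferenceId="email" />
    <OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="keycloak" />
  </OutputClaims>
  <OutputClaimsTransformations>
    <OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId" />
  </OutputClaimsTransformations>
</TechnicalProfile>
"""

# Constructed assertion: the IdP sends a NameID and "email", but no "userId".
ASSERTION_XML = """
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject><saml:NameID>user-1</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="email"><saml:AttributeValue>a@example.com</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def unmapped_claims(profile_xml, assertion_xml):
    """Return the B2C claim ids whose SAML source is absent from the assertion."""
    assertion = ET.fromstring(assertion_xml)
    available = {a.get("Name") for a in assertion.iter(SAML + "Attribute")}
    if assertion.find(f"{SAML}Subject/{SAML}NameID") is not None:
        available.add("assertionSubjectName")  # assumption: B2C's name for the NameID
    missing = []
    for claim in ET.fromstring(profile_xml).iter(B2C + "OutputClaim"):
        if claim.get("DefaultValue") is not None:
            continue  # a default fills the claim even when the IdP sends nothing
        claim_id = claim.get("ClaimTypeReferenceId")
        # Without PartnerClaimType the SAML attribute name must equal the claim id.
        if claim.get("PartnerClaimType", claim_id) not in available:
            missing.append(claim_id)
    return missing

if __name__ == "__main__":
    print(unmapped_claims(PROFILE_XML, ASSERTION_XML))
```

Any claim id it returns is one that `CreateAlternativeSecurityId` or a later step will not find; either change `PartnerClaimType` to an attribute the IdP really emits or add a mapper for it on the IdP side.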
