Azure AD B2C hangs with no debug

Image saying something went wrong

I thought I would write this up as it may help someone else.

The symptom is that B2C hangs during a user journey with a custom policy, and the only debug message in Application Insights is:

Web.TPEngine.StateMachineHandlers.SendErrorResponseToXmlHttpRequestClient

The debug log shows:

{
  "Kind": "Transition",
  "Content": {
    "EventName": "SelfAsserted",
    "StateName": "Microsoft.Cpim.Common.PolicyException"
  }
},
{
  "Kind": "Predicate",
  "Content": "Web.TPEngine.StateMachineHandlers.NoOpHandler"
},
{
  "Kind": "HandlerResult",
  "Content": {
    "Result": true,
    "PredicateResult": "True"
  }
},
{
  "Kind": "Action",
  "Content": "Web.TPEngine.StateMachineHandlers.WarningExceptionTraceHandler"
},
{
  "Kind": "HandlerResult",
  "Content": {
    "Result": true
  }
},
{
  "Kind": "Action",
  "Content": "Web.TPEngine.StateMachineHandlers.SendErrorResponseToXmlHttpRequestClient"
},

If you google that error message, you get zero responses.

I’ve seen this a few times and it seems to be connected to using a field that is a TextBox from a non-self-asserted technical profile, e.g. AAD-UserWrite, or sending a REST API.

e.g. the base file contains:

<ClaimType Id="issuerUserId">
  <DisplayName>Username</DisplayName>
  <DataType>string</DataType>
  <UserHelpText/>
  <UserInputType>TextBox</UserInputType>
  <Restriction>
    <Pattern RegularExpression="^[a-zA-Z0-9]+[a-zA-Z0-9_-]*$" HelpText="The username you provided is not valid. It must begin with an alphabet or number and can contain alphabets, numbers and the following symbols: _ -"/>
  </Restriction>
</ClaimType>

Now if I try something like:

<ClaimsTransformation Id="CopyIssuerUserId" TransformationMethod="CopyClaim">
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="someclaim" TransformationClaimType="inputClaim"/>
  </InputClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="issuerUserId" TransformationClaimType="outputClaim"/>
  </OutputClaims>
</ClaimsTransformation>

or try and set a value via “CreateStringClaim”, I see this error.

I “think” it has to do with the operation throwing an error and not having a self-asserted page to display it?
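An added example, not part of the original post: a small Python check that lists every ClaimsTransformation whose output lands in a claim the schema declares with a UserInputType, which is the combination described above. The flattened sample policy and the `CopySomeClaim` transformation are constructed for illustration, and the check encodes this post's hypothesis rather than a documented B2C rule.

```python
import xml.etree.ElementTree as ET

# Constructed, flattened sample built from the two snippets in the post.
# "CopySomeClaim" is a hypothetical transformation added as a negative case.
SAMPLE_POLICY = """<TrustFrameworkPolicy xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">
 <ClaimType Id="issuerUserId">
  <DataType>string</DataType>
  <UserInputType>TextBox</UserInputType>
  <Restriction><Pattern RegularExpression="^[a-zA-Z0-9]+[a-zA-Z0-9_-]*$" HelpText="x"/></Restriction>
 </ClaimType>
 <ClaimType Id="someclaim"><DataType>string</DataType></ClaimType>
 <ClaimsTransformation Id="CopyIssuerUserId" TransformationMethod="CopyClaim">
  <InputClaims><InputClaim ClaimTypeReferenceId="someclaim" TransformationClaimType="inputClaim"/></InputClaims>
  <OutputClaims><OutputClaim ClaimTypeReferenceId="issuerUserId" TransformationClaimType="outputClaim"/></OutputClaims>
 </ClaimsTransformation>
 <ClaimsTransformation Id="CopySomeClaim" TransformationMethod="CopyClaim">
  <OutputClaims><OutputClaim ClaimTypeReferenceId="someclaim" TransformationClaimType="outputClaim"/></OutputClaims>
 </ClaimsTransformation>
</TrustFrameworkPolicy>"""

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on namespaced tags."""
    return tag.rsplit("}", 1)[-1]

def find_risky_transformations(policy_xml):
    """Return (transformation Id, claim Id, UserInputType, restriction pattern)
    for each transformation that outputs into a claim with a UserInputType."""
    root = ET.fromstring(policy_xml)
    ui_claims = {}
    for el in root.iter():
        if local(el.tag) != "ClaimType":
            continue
        kids = {local(c.tag): c for c in el.iter()}
        if "UserInputType" in kids:
            pat = kids.get("Pattern")
            regex = pat.get("RegularExpression") if pat is not None else None
            ui_claims[el.get("Id")] = (kids["UserInputType"].text, regex)
    findings = []
    for ct in root.iter():
        if local(ct.tag) != "ClaimsTransformation":
            continue
        for out in ct.iter():
            ref = out.get("ClaimTypeReferenceId")
            if local(out.tag) == "OutputClaim" and ref in ui_claims:
                findings.append((ct.get("Id"), ref, *ui_claims[ref]))
    return findings

if __name__ == "__main__":
    for finding in find_risky_transformations(SAMPLE_POLICY):
        print(finding)
```

Run it over the merged base and extension files, since the claim type and the transformation that writes to it often live in different policy files.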

Anyway, hopefully, this gives you some direction. I spent hours trying to pin it down!

All good!

Rory Braybrook

NZ Microsoft Identity dude and MVP. Azure AD/B2C/ADFS/Auth0/identityserver. StackOverflow: https://bit.ly/2XU4yvJ Presentations: http://bit.ly/334ZPt5