Issue with “ClaimEquals” in Azure AD B2C

cloud compare by iconeu from the Noun Project

There’s a gotcha with this when you use “ClaimEquals” with B2C custom policies.

Assume you have a claim that you read from B2C e.g. extension_ClaimInB2C and the user types some text into a TextBox e.g. ClaimFromTB and you want to compare the two in a user journey.

Both are defined as strings.

Assume ClaimInB2C = “aaa” and the user types in “aaa” ( = ClaimFromTB).

So something like this is the user journey:

<Precondition Type="ClaimEquals" ExecuteActionsIf="false">
   <Value>extension_ClaimInB2C</Value>
   <Value>ClaimFromTB</Value>
   <Action>SkipThisOrchestrationStep</Action>
</Precondition>

This will not be equal!!!

<Precondition Type="ClaimEquals" ExecuteActionsIf="false">
   <Value>extension_ClaimInB2C</Value>
   <Value>aaa</Value>
   <Action>SkipThisOrchestrationStep</Action>
</Precondition>

This will be equal!!!

So “canned” values are OK but not strings even though they are the same value.

You need to do a ClaimsTransformation for “CompareClaims” in your TechnicalProfile.

<ClaimsTransformation Id="CheckTextMatches" TransformationMethod="CompareClaims">
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="extension_ClaimInB2C" TransformationClaimType="inputClaim1"/>
    <InputClaim ClaimTypeReferenceId="ClaimFromTB" TransformationClaimType="inputClaim2"/>
  </InputClaims>
 <InputParameters>
    <InputParameter Id="operator" DataType="string" Value="EQUAL"/>
    <InputParameter Id="ignoreCase" DataType="string" Value="true"/>
 </InputParameters>
 <OutputClaims>
   <OutputClaim ClaimTypeReferenceId="ClaimEqual" TransformationClaimType="outputClaim"/>
 </OutputClaims>
</ClaimsTransformatio

and then:

<Precondition Type="ClaimEquals" ExecuteActionsIf="false">
   <Value>ClaimEqual</Value>
   <Value>True</Value>
   <Action>SkipThisOrchestrationStep</Action>
</Precondition>

This works.

All good!