Issue with “ClaimEquals” in Azure AD B2C

cloud compare by iconeu from the Noun Project

There’s a gotcha with this when you use “ClaimEquals” with B2C custom policies.

Assume you have a claim that you read from B2C e.g. extension_ClaimInB2C and the user types some text into a TextBox e.g. ClaimFromTB and you want to compare the two in a user journey.

Both are defined as strings.

Assume ClaimInB2C = “aaa” and the user types in “aaa” ( = ClaimFromTB).

So something like this is the user journey:

<Precondition Type="ClaimEquals" ExecuteActionsIf="false">
<Value>extension_ClaimInB2C</Value>
<Value>ClaimFromTB</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>

This will not be equal!!!

<Precondition Type="ClaimEquals" ExecuteActionsIf="false">
<Value>extension_ClaimInB2C</Value>
<Value>aaa</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>

This will be equal!!!

So “canned” values are OK but not strings even though they are the same value.

You need to do a ClaimsTransformation for “CompareClaims” in your TechnicalProfile.

<ClaimsTransformation Id="CheckTextMatches" TransformationMethod="CompareClaims">
<InputClaims>
<InputClaim ClaimTypeReferenceId="extension_ClaimInB2C" TransformationClaimType="inputClaim1"/>
<InputClaim ClaimTypeReferenceId="ClaimFromTB" TransformationClaimType="inputClaim2"/>
</InputClaims>
<InputParameters>
<InputParameter Id="operator" DataType="string" Value="EQUAL"/>
<InputParameter Id="ignoreCase" DataType="string" Value="true"/>
</InputParameters>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="ClaimEqual" TransformationClaimType="outputClaim"/>
</OutputClaims>
</ClaimsTransformatio

and then:

<Precondition Type="ClaimEquals" ExecuteActionsIf="false">
<Value>ClaimEqual</Value>
<Value>True</Value>
<Action>SkipThisOrchestrationStep</Action>
</Precondition>

This works.

All good!

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store