Issues with an Azure AD B2C self-asserted page calling a ValidationTechnicalProfile
I’ve had a number of issues with a self-asserted page calling a validation TP.
In the validation TP, I set a flag.
Later on in the user journey, I test the flag but it never seems to be set.
For example, the validation TP has something like:
<TechnicalProfile Id="regexAnalysisSignInName">
  <DisplayName>Check signInName for digits</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="signInName"/>
  </InputClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="isLoyaltyBoolean"/>
  </OutputClaims>
  <OutputClaimsTransformations>
    <OutputClaimsTransformation ReferenceId="isLoyaltyRegex"/>
  </OutputClaimsTransformations>
  <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop"/>
</TechnicalProfile>
where “isLoyaltyRegex” tests the “signInName” for digits (i.e. you can sign in with your loyalty number).
(The regex is “^[0-9]+$”.)
And then I would have something like:
<OrchestrationStep Order="x" Type="ClaimsExchange">
  <Preconditions>
    <!-- Skip this step when isLoyaltyBoolean equals False -->
    <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
      <Value>isLoyaltyBoolean</Value>
      <Value>False</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <!-- ClaimsExchanges omitted -->
</OrchestrationStep>
and “isLoyaltyBoolean” would never be set 😒
Then I came across this post.
The key is:
“Claims that are declared as output from a validation technical profile and the self-asserted technical profile that refers to this validation technical profile are passed to other orchestration steps”.
In other words, “isLoyaltyBoolean” has to be an output claim in the self-asserted TP that calls this validation TP!
All good!
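As an added illustration (not code from the original post), this is what the calling self-asserted TP could look like once the fix is applied. The Id "SelfAsserted-SignInName" and the content definition "api.selfasserted" are assumed names; "regexAnalysisSignInName", "signInName", "isLoyaltyBoolean" and "SM-Noop" come from the snippets above.

```xml
<!-- Added example. Hypothetical names: SelfAsserted-SignInName, api.selfasserted. -->
<TechnicalProfile Id="SelfAsserted-SignInName">
  <DisplayName>Collect signInName</DisplayName>
  <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
  <Metadata>
    <Item Key="ContentDefinitionReferenceId">api.selfasserted</Item>
  </Metadata>
  <OutputClaims>
    <!-- Collected from the user on the page. -->
    <OutputClaim ClaimTypeReferenceId="signInName" Required="true"/>
    <!-- Not rendered as a field, because the validation TP below returns it.
         Declaring it here is what lets the value leave this step; without
         this line the flag stays inside the validation TP and the later
         ClaimEquals precondition never sees it. -->
    <OutputClaim ClaimTypeReferenceId="isLoyaltyBoolean"/>
  </OutputClaims>
  <ValidationTechnicalProfiles>
    <!-- Runs when the user submits the page and sets isLoyaltyBoolean. -->
    <ValidationTechnicalProfile ReferenceId="regexAnalysisSignInName"/>
  </ValidationTechnicalProfiles>
  <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop"/>
</TechnicalProfile>
```

The same rule applies to any flag that gates a later orchestration step: if the claim is only declared in the validation TP, the precondition evaluates against a claim that does not exist in the journey.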