The user journey recorder with Azure AD B2C custom policies

Rory Braybrook
The new control plane
3 min read · Oct 29, 2018

The usual way to troubleshoot B2C issues with custom policies is with Application Insights.

There’s a ton of information shown in Insights and it isn’t always easy to get what you want.

Hence the User Journey Recorder.

The GitHub sample is here.

Inside this is a “UserJourneyRecorder” directory.

(Note: There is another version of the recorder inside the wintipgamesb2c directory. This integrates the recorder with Application Insights. There is some documentation in the directory called “How to: Integrate a B2C policy with Azure Application Insights”).

Build this in Visual Studio using the project file “UserJourneyRecorder.sln” and then deploy the project to Azure App Services.

Your project will have a URL similar to:

https://userjourneyrecorderwebapp20…39.azurewebsites.net

Note it and use it below in place of the above one.

First you need to create a GUID.

Once you have the custom policies sorted and uploaded, and assuming you are using the Signup and Signin policy, add two lines to SignUpOrSignin.xml (the DeploymentMode and UserJourneyRecorderEndpoint attributes):

<TrustFrameworkPolicy
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
PolicySchemaVersion="0.3.0.0"
TenantId="tenant.onmicrosoft.com"
PolicyId="B2C_1A_signup_signin"
PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_signup_signin"
DeploymentMode="Development"
UserJourneyRecorderEndpoint="https://userjourneyrecorderwebapp20...739.azurewebsites.net/stream?id=your GUID created as above">
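Before uploading, the two added attributes can be checked mechanically. The following is an added example, not part of the original post or the GitHub sample: it reads a policy file's root element, validates the recorder endpoint (HTTPS, no stray line break, an `id` that parses as a GUID) and reports whether the debugging attributes are still set. The function name `recorder_settings`, the host `recorder.example.net` and the GUID are assumptions made for illustration.

```python
import uuid
import xml.etree.ElementTree as ET
from urllib.parse import urlparse, parse_qs

# Constructed sample: the article's root element with a made-up host and GUID.
SAMPLE_POLICY = """<TrustFrameworkPolicy
  xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
  PolicySchemaVersion="0.3.0.0"
  TenantId="tenant.onmicrosoft.com"
  PolicyId="B2C_1A_signup_signin"
  PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_signup_signin"
  DeploymentMode="Development"
  UserJourneyRecorderEndpoint="https://recorder.example.net/stream?id=3f2b8c1e-9d4a-4c7b-8e21-5a6f0d9b7c34" />"""


def recorder_settings(policy_xml):
    """Return (settings, problems) for the recorder attributes on the policy root."""
    root = ET.fromstring(policy_xml)
    if root.tag.rsplit("}", 1)[-1] != "TrustFrameworkPolicy":
        raise ValueError("root element is not TrustFrameworkPolicy")
    mode = root.get("DeploymentMode")
    endpoint = root.get("UserJourneyRecorderEndpoint")
    settings = {
        "policy": root.get("PolicyId"),
        "mode": mode,
        "endpoint": endpoint,
        "trace_id": None,
        # True while either debugging attribute from the article is still set.
        "debug_enabled": mode == "Development" or endpoint is not None,
    }
    problems = []
    if endpoint is None:
        return settings, problems  # recorder not configured, nothing to validate
    # A line break inside the attribute value reaches us as a space.
    if any(ch.isspace() for ch in endpoint):
        problems.append("endpoint contains whitespace or a line break")
    url = urlparse(endpoint.strip())
    if url.scheme != "https":
        problems.append("endpoint is not https")
    ids = parse_qs(url.query).get("id", [])
    try:
        settings["trace_id"] = str(uuid.UUID(ids[0]))
    except (IndexError, ValueError):
        problems.append("id query parameter is missing or not a GUID")
    return settings, problems


if __name__ == "__main__":
    print(recorder_settings(SAMPLE_POLICY))
```

The `debug_enabled` flag can also be used the other way round, to spot policies that still carry these troubleshooting attributes once debugging is finished.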

Upload the updated policy.

Now test using the “Run Now” button.

This should create the user journey data.

To view it use this URL:

https://userjourneyrecorderwebapp20...739.azurewebsites.net/trace_102.html?id=your GUID created as above

i.e. use “trace_102.html” in place of “stream”.

You should see:

“Change Refresh Mode” will switch to:

“Configure” will show:

You can alter the parameters as required.

“Refresh Now” will show the actual journey e.g.

“Message Detail” expands the message.

or an API example:

The real value of this tool is the error messages. It will show you the details of the error, which is invaluable when debugging.

A “simple” error, e.g. trying to register an existing user again, shows e.g.

or “Invalid password”

“Download Stream” downloads the log in JSON format e.g.

"Exception": {
"Kind": "Handled",
"HResult": "80131500",
"Message": "Invalid username or password.",
"Data": {}
},
"PredicateResult": "False"
}

I’ve found the tool to be super useful and a time-saver!

There is a good reference for the whole flow here.

All good!
