Azure-Samples / active-directory-b2c-custom-policy-starterpack

Azure AD B2C now allows uploading of a Custom Policy which allows full control and customization of the Identity Experience Framework
http://aka.ms/aadb2ccustom
MIT License

Trying to enable script execution causes my policy schema to fail #146

Closed tw0po1nt closed 1 year ago

tw0po1nt commented 1 year ago

I've been searching around all day to figure this out, so this is my Hail Mary to try and figure out what's wrong. I'm just trying to enable JavaScript on my custom policy, per these instructions: https://learn.microsoft.com/en-us/azure/active-directory-b2c/javascript-and-page-layout?pivots=b2c-custom-policy#enable-javascript

It says to make the following change:

<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <UserJourneyBehaviors>
    <ScriptExecution>Allow</ScriptExecution>
  </UserJourneyBehaviors>
  ...
</RelyingParty>

My entire RelyingParty is as follows:

  <RelyingParty>
    <UserJourneyBehaviors>
      <ScriptExecution>Allow</ScriptExecution>
    </UserJourneyBehaviors>
    <DefaultUserJourney ReferenceId="CustomSignUpOrSignIn" />
    <Endpoints>
      <!--points to refresh token journey when app makes refresh token request-->
      <Endpoint Id="Token" UserJourneyReferenceId="RedeemRefreshToken" />
    </Endpoints>
    <TechnicalProfile Id="PolicyProfile">
      <DisplayName>PolicyProfile</DisplayName>
      <Protocol Name="OpenIdConnect" />
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="displayName" />
        <OutputClaim ClaimTypeReferenceId="givenName" />
        <OutputClaim ClaimTypeReferenceId="surname" />
        <OutputClaim ClaimTypeReferenceId="email" />
        <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub"/>
        <OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" />

      </OutputClaims>
      <SubjectNamingInfo ClaimType="sub" />
    </TechnicalProfile>
  </RelyingParty>

But when I try to upload I get:

Validation failed: 1 validation error(s) found in policy "B2C_1A_SIGNUP_SIGNIN" of tenant "{tenant}.onmicrosoft.com".
Schema validation error found at line 10 col 6 in policy "B2C_1A_SIGNUP_SIGNIN" of tenant "{tenant}.onmicrosoft.com": The element 'RelyingParty' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06' has invalid child element 'DefaultUserJourney' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06'. List of possible elements expected: 'TechnicalProfile' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06'.
Schema validation error found at line 10 col 6 in policy "B2C_1A_SIGNUP_SIGNIN" of tenant "{tenant}.onmicrosoft.com": The element 'RelyingParty' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06' has invalid child element 'DefaultUserJourney' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06'. List of possible elements expected: 'TechnicalProfile' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06'.

I am not sure what is going wrong here. Any help would be appreciated.
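
The validation error quoted in the post is about the order of the child elements inside RelyingParty. As an added example (not part of the original post or of the starter pack), this Python check flags out-of-order children before a policy is uploaded; the sequence in `EXPECTED_ORDER` is an assumption inferred from the error text and the Microsoft snippet quoted above, and the sample policies are trimmed, constructed versions of the poster's XML.

```python
import xml.etree.ElementTree as ET

# Assumed child sequence for RelyingParty, inferred from the validation error
# (once UserJourneyBehaviors has appeared, only TechnicalProfile is accepted).
EXPECTED_ORDER = ["DefaultUserJourney", "Endpoints",
                  "UserJourneyBehaviors", "TechnicalProfile"]
NS = "http://schemas.microsoft.com/online/cpim/schemas/2013/06"

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def check_relying_party_order(policy_xml):
    """Return a list of ordering problems; an empty list means none found."""
    root = ET.fromstring(policy_xml)  # XML comments are dropped by the parser
    rp = next((e for e in root.iter() if local(e.tag) == "RelyingParty"), None)
    if rp is None:
        return ["no RelyingParty element found"]
    problems, highest = [], -1
    for child in rp:
        name = local(child.tag)
        if name not in EXPECTED_ORDER:
            problems.append(f"unexpected child element '{name}'")
            continue
        pos = EXPECTED_ORDER.index(name)
        if pos < highest:
            problems.append(f"'{name}' must come before '{EXPECTED_ORDER[highest]}'")
        highest = max(highest, pos)
    return problems

def wrap(children):
    """Build a trimmed, constructed policy around the given RelyingParty children."""
    return f'<TrustFrameworkPolicy xmlns="{NS}"><RelyingParty>{children}</RelyingParty></TrustFrameworkPolicy>'

JOURNEY = '<DefaultUserJourney ReferenceId="CustomSignUpOrSignIn" />'
ENDPOINTS = ('<Endpoints><Endpoint Id="Token" '
             'UserJourneyReferenceId="RedeemRefreshToken" /></Endpoints>')
BEHAVIORS = ('<UserJourneyBehaviors><ScriptExecution>Allow</ScriptExecution>'
             '</UserJourneyBehaviors>')
PROFILE = '<TechnicalProfile Id="PolicyProfile" />'

AS_POSTED = wrap(BEHAVIORS + JOURNEY + ENDPOINTS + PROFILE)   # order from the post
REORDERED = wrap(JOURNEY + ENDPOINTS + BEHAVIORS + PROFILE)   # assumed valid order

if __name__ == "__main__":
    for label, xml in (("as posted", AS_POSTED), ("reordered", REORDERED)):
        print(label, "->", check_relying_party_order(xml) or "order OK")
```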