Closed debaxtermsft closed 4 months ago
@debaxtermsft
Thanks for your feedback! We will investigate and update as appropriate.
We've added this issue to our documentation backlog work item for internal tracking and prioritization. We'll update this issue as documentation updates are published. Thanks again for your feedback. #please-close
Documentation does not explicitly state having to update the partner claim from sub to oid
The sample file provided by the MS document did not have any reference to updating the objectId in SignUpOrSignin.xml to request the OID claim.

Sample file:

```xml
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="displayName" />
      <OutputClaim ClaimTypeReferenceId="givenName" />
      <OutputClaim ClaimTypeReferenceId="surname" />
      <OutputClaim ClaimTypeReferenceId="email" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub"/>
      <OutputClaim ClaimTypeReferenceId="identityProvider" />
      <OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="sub" />
  </TechnicalProfile>
</RelyingParty>
</TrustFrameworkPolicy>
```

For the issue that we have, and to resolve it, I made a few changes as shown below.

```xml
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OAuth2" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="displayName" />
      <OutputClaim ClaimTypeReferenceId="givenName" />
      <OutputClaim ClaimTypeReferenceId="surname" />
      <OutputClaim ClaimTypeReferenceId="email" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="oid" />
      <OutputClaim ClaimTypeReferenceId="identityProvider" />
      <OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="oid" />
  </TechnicalProfile>
</RelyingParty>
</TrustFrameworkPolicy>
```
This type of issue has been addressed in several posts on Stack Overflow, e.g. https://stackoverflow.com/questions/49669435/b2c-saml-missing-claims

Please add to the documentation that PartnerClaimType has to be updated as needed.
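A check for the mismatch described in this issue, as an added example that is not part of the original issue or the Microsoft sample: it lists the token claim name each OutputClaim is emitted under and flags a relying party policy that does not emit a claim the application expects (here `oid`). The function names and the trimmed policy fragments are constructed; the code assumes a claim without PartnerClaimType is emitted under its ClaimTypeReferenceId and ignores any DefaultPartnerClaimTypes in the claims schema.

```python
import xml.etree.ElementTree as ET

# Constructed fragment modelled on the PolicyProfile in the issue
# (namespace, wrapper elements and most claims omitted for brevity).
TEMPLATE = """<RelyingParty>
  <TechnicalProfile Id="PolicyProfile">
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="email" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="{partner}" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="{subject}" />
  </TechnicalProfile>
</RelyingParty>"""


def local(tag):
    """Strip an XML namespace so namespaced policy files parse the same way."""
    return tag.rsplit("}", 1)[-1]


def emitted_claims(policy_xml):
    """Map each token claim name to the policy claim that feeds it.
    Assumption: without PartnerClaimType the ClaimTypeReferenceId is used."""
    out = {}
    for el in ET.fromstring(policy_xml).iter():
        if local(el.tag) == "OutputClaim":
            ref = el.get("ClaimTypeReferenceId")
            out[el.get("PartnerClaimType", ref)] = ref
    return out


def audit(policy_xml, expected):
    """Return findings: expected claims the policy does not emit, and a
    SubjectNamingInfo whose ClaimType matches no emitted claim name."""
    emitted = emitted_claims(policy_xml)
    findings = [f"no output claim is emitted as '{c}'"
                for c in expected if c not in emitted]
    for el in ET.fromstring(policy_xml).iter():
        if local(el.tag) == "SubjectNamingInfo" and el.get("ClaimType") not in emitted:
            findings.append(
                f"SubjectNamingInfo '{el.get('ClaimType')}' matches no output claim")
    return findings


sample = TEMPLATE.format(partner="sub", subject="sub")   # as in the sample file
updated = TEMPLATE.format(partner="oid", subject="oid")  # as changed in the issue
```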