azure-ad-b2c / samples

Azure AD B2C custom policy solutions and samples.

disable inactive account custom policy not working #601

Open bustamante30 opened 6 months ago

bustamante30 commented 6 months ago

Hello, I tried to use the custom policies defined in the example you uploaded, https://github.com/azure-ad-b2c/samples/tree/master/policies/disable-inactive-account/policy, and I'm getting the following validation errors (I just set the tenant I use):

Validation failed: 6 validation error(s) found in policy "B2C_1A_SIGNUPORSIGNIN_DISABLEACCOUNT" of tenant "sgscophoton.onmicrosoft.com".

Output Claim 'oid,tid,given_name,family_name,email,emailAddress,name,upn' is not supported in Azure Active Directory Provider technical profile 'AAD-UserReadLastLogonTime' of policy 'B2C_1A_signuporsignin_disableAccount'. If it is a claim with default value, add AlwaysUseDefaultValue="true" to the output claim mapping.

Output Claim 'oid,tid,given_name,family_name,email,emailAddress,name,upn' is not supported in Azure Active Directory Provider technical profile 'AAD-UserWriteLogonTimeUsingObjectId' of policy 'B2C_1A_signuporsignin_disableAccount'. If it is a claim with default value, add AlwaysUseDefaultValue="true" to the output claim mapping.

Output Claim 'email,oid,tid,given_name,family_name,emailAddress,name,upn' is not supported in Azure Active Directory Provider technical profile 'AAD-AssertAccountEnabled' of policy 'B2C_1A_signuporsignin_disableAccount'. If it is a claim with default value, add AlwaysUseDefaultValue="true" to the output claim mapping.

Output Claim 'name,given_name,family_name,sub,oid,email,idpUserId,tid,upn,emailAddress' is not supported in Azure Active Directory Provider technical profile 'AAD-UserReadUsingObjectId' of policy 'B2C_1A_signuporsignin_disableAccount'. If it is a claim with default value, add AlwaysUseDefaultValue="true" to the output claim mapping.

Output Claim 'oid,tid,given_name,family_name,email,emailAddress,name,upn' is not supported in Azure Active Directory Provider technical profile 'AAD-DisableAccount' of policy 'B2C_1A_signuporsignin_disableAccount'. If it is a claim with default value, add AlwaysUseDefaultValue="true" to the output claim mapping.

Output Claim 'name,given_name,family_name,sub,oid,email,idpUserId,tid,upn,emailAddress' is not supported in Azure Active Directory Provider technical profile 'AAD-UserReadUsingObjectId' of policy 'B2C_1A_signuporsignin_disableAccount'. If it is a claim with default value, add AlwaysUseDefaultValue="true" to the output claim mapping.

Could you please help me to address the issue?

bustamante30 commented 6 months ago

@jasjeetsuri @JasSuri