执行我的自定义SignUpSignIn策略后如何返回PolicyId声明? [英] How can I return the PolicyId Claim after executing my Custom SignUpSignIn policy?
问题描述
我希望执行我的Customized SignUpSignIn策略时返回的声明中包含policyId.
I would like the policyId to be included in the claims that are returned when my Customized SignUpSignIn policy is executed.
我认为应该在ID为tfp
的索赔中.
I think this should be in claim Id tfp
.
在设置代表策略ID的声明"部分中,它说要在令牌发行者" ClaimsProvider替代中包含键AuthenticationContextReferenceClaimPattern
.
In the section "Setting claim representing policy ID" it says to include the key AuthenticationContextReferenceClaimPattern
in the "Token Issuer" ClaimsProvider override.
<ClaimsProviders>
<ClaimsProvider>
<DisplayName>Token Issuer</DisplayName>
<TechnicalProfiles>
<TechnicalProfile Id="JwtIssuer">
<Metadata>
.....
<Item Key="AuthenticationContextReferenceClaimPattern">None</Item>
</Metadata>
</TechnicalProfile>
</TechnicalProfiles>
</ClaimsProvider>
</ClaimsProviders>
然后必须在outputClaims
中添加trustFrameworkPolicy
.我是这样想的:
And then you have to add the trustFrameworkPolicy
in your outputClaims
. I think like this:
<RelyingParty>
<DefaultUserJourney ReferenceId="SignUpOrSignIn" />
<TechnicalProfile Id="PolicyProfile">
<DisplayName>PolicyProfile</DisplayName>
<Protocol Name="OpenIdConnect" />
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="displayName" />
<OutputClaim ClaimTypeReferenceId="givenName" />
<OutputClaim ClaimTypeReferenceId="surname" />
......
<OutputClaim ClaimTypeReferenceId="trustFrameworkPolicy" Required="true" DefaultValue="{policy}" />
</OutputClaims>
<SubjectNamingInfo ClaimType="sub" />
</TechnicalProfile>
但是当我上传此自定义策略文件时,显示错误:
But when I upload this Custom Policy file an error is displayed:
租户"yyyyy.onmicrosoft.com"的策略"B2C_1A_xxxx"引用ID为"trustframeworkPolicy"的ClaimType,但该策略或其任何基本策略均不包含该元素."
"Policy "B2C_1A_xxxx" of tenant "yyyyy.onmicrosoft.com" makes a reference to ClaimType with id "trustframeworkPolicy" but neither the policy nor any of its base policies contain such an element."
表示找不到ClaimTypeReferenceId:"trustFrameworkPolicy".
Meaning it can't find the ClaimTypeReferenceId: "trustFrameworkPolicy".
我是否必须添加ClaimType"trustframeworkPolicy"的声明定义?在ClaimsSchema中?
Do I have to add a claim definition of the ClaimType "trustframeworkPolicy"? in the ClaimsSchema?
如果是这样:是什么感觉?
If so: What's it like?
推荐答案
将以下ClaimType
添加到TrustFrameworkExtensions.xml
:
<ClaimType Id="trustFrameworkPolicy">
<DisplayName>Trust Framework Policy</DisplayName>
<DataType>string</DataType>
<DefaultPartnerClaimTypes>
<Protocol Name="OAuth2" PartnerClaimType="tfp" />
<Protocol Name="OpenIdConnect" PartnerClaimType="tfp" />
</DefaultPartnerClaimTypes>
</ClaimType>
注意:ClaimType
应该是<ClaimsSchema><BuildingBlocks>
这篇关于执行我的自定义SignUpSignIn策略后如何返回PolicyId声明?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!