Error while uploading Custom Policy

Alok Aswal 1 Reputation point


Getting below exception while uploading custom policy , with policy XML section

Validation failed: 1 validation error(s) found in policy "POLICYNAME" of tenant "".Schema validation error found at line 161 col 52 in policy "POLICYNAME" of tenant "": The 'ReferenecId' attribute is not declared.Schema validation error found at line 161 col 52 in policy "POLICYNAME" of tenant "": The 'ReferenecId' attribute is not declared.

<DisplayName>My ID Token Hint ClaimsProvider</DisplayName>
<TechnicalProfile Id="IdTokenHint_ExtractClaims">
<DisplayName> My ID Token Hint TechnicalProfile</DisplayName>
<Protocol Name="None" />

        <!--Sample action required: replace with your endpoint location -->  
        <Item Key="METADATA"></Item>  

        <!-- <Item Key="IdTokenAudience">your_optional_audience_override</Item> -->  
        <!-- <Item Key="issuer">your_optional_token_issuer_override</Item> -->  
		        <Item Key="IdTokenAudience">1bdf2d2f-6b05-4633-89ab-4444478ss34vvsf</Item>  

		        <Item Key="issuer">https://localhost</Item>  

    <Key Id="client_secret" StorageReferenceId="B2C_1A_IdTokenHintKey" />  
    <InputClaim ClaimTypeReferenceId="email" PartnerClaimType="email" />  
        <!--Sample: Read the email cliam from the id_token_hint-->      <--------- IN This LINE getting eror  
        <OutputClaim ClaimTypeReferenceId="email" />                              
Azure Active Directory External Identities
{count} votes

1 answer

Sort by: Most helpful
  1. Akshay-MSFT 5,996 Reputation points Microsoft Employee

    Hello @Alok Aswal ,

    Thank you for posting your query on Microsoft Q&A. The issue seems to be with your "Metadata" URL.

    Item Key="METADATA"></Item>

    As per, METADATA is "A URL that points to a token issuer configuration document, which is also known as an OpenID well-known configuration endpoint" i.e. your relying party discovery endpoint. Kindly have this replaced with it.

    For example, in my case FB is relying party so, the meta data URL could be found from the Signup-Signin:


    Please do let me know if you have any further queries in the comments section.

    Akshay Kaushik

    Please "Accept the answer", "Upvote" and rate your experience if the suggestion works as per your business need. This will help us and others in the community as well.

    0 comments No comments