Validation profile being called multiple times during seamless migration policy

Soni, Ashish 21 Reputation points
2023-03-02T10:19:30.9966667+00:00

Hi,

We are planning to migrate our applications to Azure B2C. We have implemented custom policies for seamless migration of customers. Used below samples as suggested by Microsoft:

https://github.com/azure-ad-b2c/user-migration

I have recently noticed that during login, "login-NonInteractive" technical profile is being called twice.

Looks like it is happening due to inheritance of "SelfAsserted-LocalAccountSignin-Email" technical profile from TrustFrameworkBase.xml which already has "login-NonInteractive" validation technical profile.

I am looking for clarification on two points:

  1. I have removed "login-NonInteractive" validation profile from extension file. It works fine. Would like to get a confirmation if that is fine?
  2. How Azure B2C decides order of multiple validation profiles post inheritance?
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,629 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,309 questions
{count} votes

Accepted answer
  1. Shweta Mathur 27,051 Reputation points Microsoft Employee
    2023-03-06T12:43:37.19+00:00

    Hi @Soni, Ashish ,

    Thanks for reaching out and apologies for the delay in response.

    1. I have removed "login-NonInteractive" validation profile from extension file. It works fine. Would like to get a confirmation if that is fine? Yes, it is fine to remove the "login-NonInteractive" validation profile from the extension file if it is not needed. An extension file in Azure B2C is a file that extends the functionality of the Base policy. The extension file is used to customize the base policy to meet the specific requirements of your application. It is recommended to keep common profiles in base policy and application specific requirements in extension policy to avoid changes in base policy.
    2. How Azure B2C decides order of multiple validation profiles post inheritance? Azure B2C decides the order of multiple validation profiles post inheritance based on the order in which the validation technical profiles are defined in the ValidationTechnicalProfiles element.
    3. You can control the order of execution of validation technical profiles by using the Preconditions element. The Preconditions element allows you to specify conditions that must be satisfied for a validation technical profile to execute. If the conditions are not satisfied, the validation technical profile is skipped.
    4. Reference: https://learn.microsoft.com/en-us/azure/active-directory-b2c/validation-technical-profile

    Hope this will help.

    Thanks,

    Shweta

    Please remember to "Accept Answer" if answer helped you.

    0 comments No comments

0 additional answers

Sort by: Most helpful