This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 85%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECA%3C/text%3E%3C/svg%3E)
My assumption is that there is no way to connect to B2C via SAML without using a custom policy, correct?
We have constructed a B2C Custom policy using the MS Learn documentation, but are getting this error while logging in.
When we look in application insights, we see this error: The user journey 'SignUpOrSigninSAML' does not specify first step or the first step is not a claims exchange. Attached is our Custom Policy which does have a first step and does have a claim exchange step. Not sure what we are missing. Would love any feedback on our approach or issues in our Custom Policy! Thank you!
Hi @50919195 , Yes, you are correct. To connect to B2C via SAML, you need to use a custom policy. Regarding the error you are seeing, it seems that the user journey 'SignUpOrSigninSAML' does not specify the first step or the first step is not a claims exchange. This error can occur if the user journey is not defined correctly in the custom policy. You can check the user journey definition in your custom policy and ensure that the first step is a claims exchange step. It looks like the custom policy didn't attach properly. Could you retry so I can take a look at it? Thank you, James
Thank you for your reply & time, James! Yes, it does look like I didn't upload the xml correctly in this thread. :) Here you go! pockeadv.onmicrosoft.com-B2C_1A_SAML2_SIGNUP_SIGNIN (1).xml
Hi @Caleb Abernathy , did you need any more help with this question? If not could you please mark the appropriate answer as "Verified" so other users can reference it?
Thank you,
James
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 27%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
The error message "The user journey 'SignUpOrSigninSAML' does not specify first step or the first step is not a claims exchange" indicates that there is either no first step defined in your user journey or the first step is not a claims exchange step.
To troubleshoot this issue, you can try the following steps:
Check your custom policy XML file to ensure that the user journey is defined correctly and that the first step is a claims exchange step. You can use a tool like XML Notepad or Visual Studio Code to validate the XML structure of your custom policy.
Check your application's SAML configuration to ensure that it is correctly configured to use your custom policy. Make sure that the SAML configuration is pointing to the correct B2C tenant and that the policy ID is set correctly.
Check the application insights logs for any additional error messages or details that might help diagnose the issue. Look for any errors or exceptions related to the SAML authentication process.
If you are still having issues, you may want to consider reaching out to Microsoft support for further assistance.
It's worth noting that while it is possible to connect to Azure B2C via SAML without a custom policy, you may need to use a custom policy if you require additional customization or functionality that is not available through the standard B2C policies
If I make the first step a claims exchange, then there is an upload error in the Azure portal.
Hi @50919195 , what is the error after doing that?
This is the error and I have included the xml that has the swapped steps to make the first step the "Claims Exchange" step.
Validation failed: 1 validation error(s) found in policy "B2C_1A_SAML2_SIGNUP_SIGNINTEST" of tenant "pockeadv.onmicrosoft.com".Schema validation error found at line 16 col 8 in policy "B2C_1A_SAML2_SIGNUP_SIGNINTEST" of tenant "pockeadv.onmicrosoft.com": The element 'UserJourney' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06' has invalid child element 'OrchestrationStep' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06'. List of possible elements expected: 'AssuranceLevel, PreserveOriginalAssertion, Authorization, OrchestrationSteps, ClientDefinition, CryptographicKeys' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06'.Schema validation error found at line 16 col 8 in policy "B2C_1A_SAML2_SIGNUP_SIGNINTEST" of tenant "pockeadv.onmicrosoft.com": The element 'UserJourney' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06' has invalid child element 'OrchestrationStep' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06'. List of possible elements expected: 'AssuranceLevel, PreserveOriginalAssertion, Authorization, OrchestrationSteps, ClientDefinition, CryptographicKeys' in namespace 'http://schemas.microsoft.com/online/cpim/schemas/2013/06'. pockeadv.onmicrosoft.com-B2C_1A_SAML2_SIGNUP_SIGNIN (2).xml
If you replaced the first step with a ClaimsExchange step and received the error message, then the error is likely due to the fact that the ClaimsExchange step is not preceded by a ClaimsProviderSelection step. In order to determine which ClaimsExchange can be used, a ClaimsProviderSelection step must be used before the ClaimsExchange step. You can try adding a ClaimsProviderSelection step before the ClaimsExchange step to fix the error. Please try that and let me know what happens.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
@Caleb Abernathy Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back.
Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.