3,267 questions
Conditional Access using SAML and Azure B2C custom policy
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 16%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Sai Prasad
5
Reputation points
Trying to implement Azure B2C Conditional Access sign in using SAML flow using custom policy. Conditional Access get implemented successfully when using OpenID protocol for the user journey but results in a failure when using the same SAML user journey.
The failure shows "Unrecognized Guid format". I worked with Azure support engineer and he shared backend error as attached in screenshot. He recommended me to add SAML metadata value in app registration.
Not sure if this is a bug. Any help is appreciated.
I'm unable to correlate how a custom policy which uses app metadata in cdata format in Relying party file uses an app registration manifest value in SAML flow.
Thanks!
Microsoft Security Microsoft Entra Microsoft Entra External ID
{count} votes
-
Deleted
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator2023-08-22T21:27:42.0533333+00:00 Hi @Sai Prasad ,
Would you be able to share the support case number so that I can get more context for your scenario?
-
Sai Prasad 5 Reputation points
2023-08-23T04:25:40.34+00:00 2308090040010970. Thanks!
-
Sai Prasad 5 Reputation points
2023-08-23T04:26:47.4333333+00:00 2308090040010970. Thanks!
-
Sai Prasad 5 Reputation points
2023-09-05T04:50:41.2833333+00:00 I was able to resolve this. A precondition rule work without an issue for OpenID but not for SAML profile.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 46%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Georgi Mihalev 5 Reputation points2024-06-05T15:13:40.8333333+00:00 Hi, I'm facing the same issue and you are the only one mentioning it. Can you share more what was exactly the precondition? On which step in the Conditional access? Thanks
Sign in to comment
Sign in to answer