Unable to fix the OrchestrationStep depending upon the conditional true/false

Gangarde, Sachin 105 Reputation points
2023-09-27T23:37:15.5733333+00:00

Hi,

I am facing one weird issue while putting steps in OrchestrationStep.

I have a requirement to allow or deny user login depending upon user IP address. I am calling an API to check user and IP information and return a boolean type.

Now, I want to make a decision based on the BlockSignIn variable value returned by the API. I am calling the API on step 2 (shown in the steps below).

Step 3 is to make a decision, whether to allow login or not depending on the value of BlockSignIn

    <OrchestrationStep Order="2" Type="ClaimsExchange">
       <ClaimsExchanges>
          <ClaimsExchange Id="ClaimsTransformation-SetIsTrustedIPClaim" TechnicalProfileReferenceId="ClaimsTransformation-SetIsTrustedIPClaim" />
       </ClaimsExchanges>
    </OrchestrationStep>

    <OrchestrationStep Order="3" Type="ClaimsExchange">
       <Preconditions>
          <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
             <Value>BlockSignIn</Value>
             <Value>true</Value>
             <Action>SkipThisOrchestrationStep</Action>
          </Precondition>
       </Preconditions>
       <ClaimsExchanges>
          <ClaimsExchange Id="BlockUser" TechnicalProfileReferenceId="Selfasserted-Blockuser" />
       </ClaimsExchanges>
    </OrchestrationStep>

These are my OrchestrationSteps sequence.

Scenarios:

  1. If I return BlockSignIn = true, then it shows me a page with a message that my IP is blocked.
  2. If I return BlockSignIn = false, then it gave me a Server Error with the below details. I am not sure where to check the further details.

AADB2C: An exception has occurred.

Correlation ID: 7a031ab6-0bca-4820-afd2-597b09b975b4

Timestamp: <>

  3. If I update Orchestration step 3 to set to <Value>false</Value>, then it blocks login on returning true from API but gives a similar error on returning false from API.

    <OrchestrationStep Order="3" Type="ClaimsExchange">
       <Preconditions>
          <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
             <Value>BlockSignIn</Value>
             <Value>false</Value>
             <Action>SkipThisOrchestrationStep</Action>
          </Precondition>
       </Preconditions>
       <ClaimsExchanges>
          <ClaimsExchange Id="BlockUser" TechnicalProfileReferenceId="Selfasserted-Blockuser" />
       </ClaimsExchanges>
    </OrchestrationStep>

I want to achieve below results:

  1. If API returns true (for BlockSignIn), then show the error page.
  2. If API returns false (for BlockSignIn), then proceed further with the next steps to log in.

Can someone guide me, please?

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Developer technologies | C#


Answer accepted by question author
  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,546 Reputation points Moderator
    2023-09-29T22:02:28.9266667+00:00

    Hello @Gangarde, Sachin, in order to use preconditions of type ClaimEquals with a boolean value, use the literal representations True or False instead of the lowercase versions. E.g.

    <OrchestrationSteps>
       <OrchestrationStep Order="2" Type="ClaimsExchange">
          <ClaimsExchanges>
             <ClaimsExchange Id="ClaimsTransformation-SetIsTrustedIPClaim" TechnicalProfileReferenceId="ClaimsTransformation-SetIsTrustedIPClaim" />
          </ClaimsExchanges>
       </OrchestrationStep>
       <OrchestrationStep Order="3" Type="ClaimsExchange">
          <Preconditions>
             <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
                <Value>BlockSignIn</Value>
                <Value>True</Value>
                <Action>SkipThisOrchestrationStep</Action>
             </Precondition>
          </Preconditions>
          <ClaimsExchanges>
             <ClaimsExchange Id="BlockUser" TechnicalProfileReferenceId="Selfasserted-Blockuser" />
          </ClaimsExchanges>
       </OrchestrationStep>
    </OrchestrationSteps>
    

    Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing a similar issue can easily find a solution.
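
A check for the casing issue the accepted answer describes, as an added example that is not part of the original thread or of any Microsoft tooling: it scans orchestration steps for ClaimEquals preconditions whose comparison value is a mis-cased boolean literal. The function names, the sample policy and its step 4 are constructed for illustration, and the code assumes the second Value element holds the comparison literal, as in the snippets above.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the asker's step 3 (lowercase literal) plus a
# hypothetical step 4 that already uses the capitalised form.
SAMPLE_POLICY = """
<OrchestrationSteps>
  <OrchestrationStep Order="3" Type="ClaimsExchange">
    <Preconditions>
      <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
        <Value>BlockSignIn</Value>
        <Value>true</Value>
        <Action>SkipThisOrchestrationStep</Action>
      </Precondition>
    </Preconditions>
  </OrchestrationStep>
  <OrchestrationStep Order="4" Type="ClaimsExchange">
    <Preconditions>
      <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
        <Value>BlockSignIn</Value>
        <Value>False</Value>
        <Action>SkipThisOrchestrationStep</Action>
      </Precondition>
    </Preconditions>
  </OrchestrationStep>
</OrchestrationSteps>
"""

def local(tag):
    """Drop an XML namespace prefix such as '{ns}OrchestrationStep'."""
    return tag.rsplit("}", 1)[-1]

def lint_boolean_preconditions(policy_xml):
    """Return (step order, claim, literal, suggested literal) for each
    ClaimEquals precondition whose value is a mis-cased boolean."""
    findings = []
    for step in ET.fromstring(policy_xml).iter():
        if local(step.tag) != "OrchestrationStep":
            continue
        for pre in step.iter():
            if local(pre.tag) != "Precondition" or pre.get("Type") != "ClaimEquals":
                continue
            values = [(v.text or "").strip() for v in pre if local(v.tag) == "Value"]
            if len(values) != 2:
                continue  # not the claim/literal pair this check understands
            claim, literal = values
            if literal.lower() in ("true", "false") and literal not in ("True", "False"):
                findings.append((step.get("Order"), claim, literal, literal.capitalize()))
    return findings
```

Running it over a policy file before upload surfaces every precondition that needs the capitalised literal, including ones in steps other than the one being debugged.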

