Application registered corresponding to IssuerUri "https://maheshb2corganisation.onmicrosoft.com/6ff881ed-9cc5-465b-ab7a-4b60da58617fP" in AuthRequest has no assertion consumer service URL specified in its metadata.

Mahesh Bandaru 20 Reputation points
2024-01-05T07:56:08.0333333+00:00

Hi,

I am trying to implement AZURE AD B2C with SAML process. Followed the below documented steps 1.https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-register-applications

2.https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy

3.https://learn.microsoft.com/en-us/azure/active-directory-b2c/saml-service-provider?tabs=windows&pivots=b2c-custom-policy

4.https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/main/LocalAccounts

Here I am using local accounts instead of social accounts.

I am getting the error: Application registered corresponding to IssuerUri "https://maheshb2corganisation.onmicrosoft.com/6ff881ed-9cc5-465b-ab7a-4b60da58617fP" in AuthRequest has no assertion consumer service URL specified in its metadata.

Please look into the below attached files for your reference. Is anything missing from my end ?And what is the issuerUri mentioned in trustframeworkextensionfile?Screenshot 2024-01-05 131115

Screenshot 2024-01-05 131145

Screenshot 2024-01-05 131219

Screenshot 2024-01-05 131314

Screenshot 2024-01-05 131342

Screenshot 2024-01-05 131442

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
3,034 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,266 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. James Hamil 26,991 Reputation points Microsoft Employee
    2024-01-05T22:07:23.87+00:00

    Hi @Mahesh Bandaru , you need to update the metadata of the application registered with the IssuerUri "https://maheshb2corganisation.onmicrosoft.com/6ff881ed-9cc5-465b-ab7a-4b60da58617fP" to include the assertion consumer service URL.

    Here are the steps to update the metadata:

    1. Go to the Azure portal and navigate to the Azure Active Directory B2C service.
    2. Click on "Applications" and select the application registered with the IssuerUri "https://maheshb2corganisation.onmicrosoft.com/6ff881ed-9cc5-465b-ab7a-4b60da58617fP".
    3. Click on "Endpoints" and then click on "SAML".
    4. Under "SAML Signing Certificate", click on "Metadata XML".
    5. In the metadata XML, locate the element and ensure that it has a valid URL specified.
    6. If the element is missing or has an invalid URL, update it with a valid URL.
    7. Save the changes to the metadata XML and re-upload it to the application.

    Once you have updated the metadata, try the authentication flow again and see if the issue is resolved.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.