3,269 questions
Unable to get custom user properties (user_id) from Auth0 in Azure AD B2C claims
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 66%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
Gangarde, Sachin
85
Reputation points
Hi,
We have added Auth0 as IDP in Azure AD B2C using custom policies like below:
<TechnicalProfile Id="Auth0-OID">
<DisplayName>Auth0</DisplayName>
<Protocol Name="OpenIdConnect" />
<Metadata>
<Item Key="METADATA">https://*******-dev.auth0.com/.well-known/openid-configuration</Item>
<Item Key="authorization_endpoint">https://*********-dev.auth0.com/authorize</Item>
<Item Key="response_types">code</Item>
<Item Key="response_mode">form_post</Item>
<Item Key="scope">openid email profile</Item>
<Item Key="HttpBinding">POST</Item>
<Item Key="UsePolicyInRedirecturi">0</Item>
<Item Key="client_id">JRC************2I2PTt</Item>
</Metadata>
<CryptographicKeys>
<Key Id="client_secret" StorageReferenceId="B2C_1A_Auth0DevTest1App" />
</CryptographicKeys>
<InputClaims>
<InputClaim ClaimTypeReferenceId="connection" />
</InputClaims>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="aud" />
<OutputClaim ClaimTypeReferenceId="user_id" PartnerClaimType="user_id" />
<OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="email" />
<OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_name" />
<OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="family_name" />
<OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name" />
<OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="Auth0.com" AlwaysUseDefaultValue="true" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication" />
<OutputClaim ClaimTypeReferenceId="socialIdpUserId" PartnerClaimType="aud" />
<OutputClaim ClaimTypeReferenceId="accountEnabled" DefaultValue="True" AlwaysUseDefaultValue="true"/>
</OutputClaims>
<OutputClaimsTransformations>
<OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName" />
<OutputClaimsTransformation ReferenceId="CreateUserPrincipalName" />
<OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId" />
<OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId" />
</OutputClaimsTransformations>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-SocialLogin" />
</TechnicalProfile>
We are getting all the properties in the claims except user_id (which is Auth0 specific).
Auth0 user profiles looks like below and we want get "user_id" from user profile in the claims of Azure AD B2C.
We have added user_id defined as claimtype and also added in outputclaims in the user journey; but, all the time we are getting empty value for user_id claim.
What else needs to be done in order to get an IDP specific values in the claims?
Thank you.
Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
25,081 questions
Microsoft Security | Microsoft Identity Manager
882 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 20%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Shweta Mathur 30,296 Reputation points Microsoft Employee Moderator2024-03-20T09:59:07.0333333+00:00 Hi @Gangarde, Sachin ,
Thanks for reaching out.
There is no claim named user_id present in the token. You can verify by decoding the token using jwt.ms. You can utilize either the sub or oid claim to map to the user_id, which contains the unique identifier for the application user.
For instance, you can define the output claim as follows:
<OutputClaim ClaimTypeReferenceId="user_Id" PartnerClaimType="oid"/>This mapping will associate the oid claim with the user_Id claim in your Azure AD B2C configuration.
Hope this will help.
Thanks,
Shweta
Please remember to "Accept Answer" if answer helped you.
-
Gangarde, Sachin 85 Reputation points
2024-03-20T13:18:52.37+00:00 @Shweta Mathur There is "
user_id" in the original token which comes from Auth0 to Azure Ad B2C in the callback request. But, it is getting missed in the token generated by Azure Ad B2C based on an Auth0 token. You can check the image which shows the decrypted token from Autho to Azure AD B2C.So, my question is how to preserve those values/properties coming from other IDP to Azure AD B2C?
-
Gangarde, Sachin 85 Reputation points
2024-03-22T17:50:53.0866667+00:00 @Shweta Mathur Any thoughts on this, please?
Sign in to comment
Sign in to answer