B2C edit profile custom policy not showing all fields

Vikas Tiwari 766 Reputation points
2020-12-12T01:52:54.683+00:00

Hi,

I have the following technical profile added to TrustFrameworkExtension.xml and am expecting the fields mentioned in the input claims to be displayed to the user on the edit profile page, but when I click on edit profile it only displays Given name and Surname to edit:

<TechnicalProfile Id="SelfAsserted-ProfileUpdate">
          <DisplayName>User ID signup</DisplayName>
          <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
          <Metadata>
            <Item Key="ContentDefinitionReferenceId">api.selfasserted.profileupdate</Item>
          </Metadata>
          <IncludeInSso>false</IncludeInSso>
          <InputClaims>
            <InputClaim ClaimTypeReferenceId="userPrincipalName" />
            <!-- Optional claims. These claims are collected from the user and can be modified. Any claim added here should be updated in the
                 ValidationTechnicalProfile referenced below so it can be written to directory after being updated by the user, i.e. AAD-UserWriteProfileUsingObjectId. -->
            <InputClaim ClaimTypeReferenceId="givenName" />
            <InputClaim ClaimTypeReferenceId="surname" />
            <InputClaim ClaimTypeReferenceId="displayName" />
            <InputClaim ClaimTypeReferenceId="otherMails" />
          </InputClaims>
          <OutputClaims>
            <!-- Required claims -->
            <OutputClaim ClaimTypeReferenceId="executed-SelfAsserted-Input" DefaultValue="true" />
            <!-- Optional claims. These claims are collected from the user and can be modified. Any claim added here should be updated in the
                 ValidationTechnicalProfile referenced below so it can be written to directory after being updated by the user, i.e. AAD-UserWriteProfileUsingObjectId. -->
            <OutputClaim ClaimTypeReferenceId="givenName" />
            <OutputClaim ClaimTypeReferenceId="surname" />
            <OutputClaim ClaimTypeReferenceId="displayName" />
            <OutputClaim ClaimTypeReferenceId="otherMails" />
             <!-- Add the external system ID -->
              <!--<OutputClaim ClaimTypeReferenceId="extension_external_system_id" DefaultValue="external_system_id_1234"/>-->
            <!-- End of changes -->
          </OutputClaims>
          <ValidationTechnicalProfiles>
            <ValidationTechnicalProfile ReferenceId="AAD-UserWriteProfileUsingObjectId" />
          </ValidationTechnicalProfiles>
        </TechnicalProfile>

        <!-- Write data during edit profile flow. -->
        <TechnicalProfile Id="AAD-UserWriteProfileUsingObjectId">
          <Metadata>
            <Item Key="Operation">Write</Item>
            <Item Key="RaiseErrorIfClaimsPrincipalAlreadyExists">false</Item>
            <Item Key="RaiseErrorIfClaimsPrincipalDoesNotExist">true</Item>
          </Metadata>
          <IncludeInSso>false</IncludeInSso>
          <InputClaims>
            <InputClaim ClaimTypeReferenceId="objectId" Required="true" />
          </InputClaims>
          <PersistedClaims>
            <!-- Required claims -->
            <PersistedClaim ClaimTypeReferenceId="objectId" />
            <!-- Optional claims -->
            <PersistedClaim ClaimTypeReferenceId="givenName" />
            <PersistedClaim ClaimTypeReferenceId="surname" />
            <PersistedClaim ClaimTypeReferenceId="displayName" />
            <PersistedClaim ClaimTypeReferenceId="otherMails" />
          <!-- Add the external system ID -->
           <!-- <PersistedClaim ClaimTypeReferenceId="extension_external_system_id" DefaultValue="external_system_id_1234"/>-->
          <!-- End of changes -->
          </PersistedClaims>
          <IncludeTechnicalProfile ReferenceId="AAD-Common" />
        </TechnicalProfile>

What else am I missing to add claims to the edit profile section for the user to update?

Thanks,
Vikas Tiwari


Accepted answer
  1. AmanpreetSingh-MSFT 56,336 Reputation points
    2020-12-13T09:29:50.173+00:00

    Hi @Vikas Tiwari · Thank you for reaching out.

    For this purpose, all you need to do is update the TechnicalProfiles below in your base file:

    1. Under <TechnicalProfile Id="SelfAsserted-ProfileUpdate">, add <OutputClaim ClaimTypeReferenceId="displayName" />
    2. Under <TechnicalProfile Id="AAD-UserWriteProfileUsingObjectId"> add <PersistedClaim ClaimTypeReferenceId="displayName" />

    I don't think updating otherMails via the profile edit policy is supported. Could you please try removing otherMails and test again?

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
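
As an added example (not part of the original answer and not Microsoft tooling): a small Python check for the pairing the answer describes, flagging claims that a self-asserted profile collects through `OutputClaim` but that none of its referenced validation profiles lists as a `PersistedClaim`. The function name and the sample fragment are constructed here; the check reads one policy file and does not resolve base/extension inheritance.

```python
import xml.etree.ElementTree as ET

# Constructed sample: displayName is collected on the form but never persisted.
SAMPLE_POLICY = """<TechnicalProfiles>
  <TechnicalProfile Id="SelfAsserted-ProfileUpdate">
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="executed-SelfAsserted-Input" DefaultValue="true" />
      <OutputClaim ClaimTypeReferenceId="givenName" />
      <OutputClaim ClaimTypeReferenceId="displayName" />
    </OutputClaims>
    <ValidationTechnicalProfiles>
      <ValidationTechnicalProfile ReferenceId="AAD-UserWriteProfileUsingObjectId" />
    </ValidationTechnicalProfiles>
  </TechnicalProfile>
  <TechnicalProfile Id="AAD-UserWriteProfileUsingObjectId">
    <PersistedClaims>
      <PersistedClaim ClaimTypeReferenceId="objectId" />
      <PersistedClaim ClaimTypeReferenceId="givenName" />
    </PersistedClaims>
  </TechnicalProfile>
</TechnicalProfiles>"""

def _local(tag):
    return tag.rsplit("}", 1)[-1]  # drop any XML namespace prefix

def _items(profile, container, item):
    """Return the <item> elements directly inside <container> of one profile."""
    return [c for box in profile if _local(box.tag) == container
            for c in box if _local(c.tag) == item]

def find_unpersisted_claims(policy_xml):
    """Map each profile Id to the user-entered claims its validation profiles never write."""
    root = ET.fromstring(policy_xml)
    profiles = {p.get("Id"): p for p in root.iter() if _local(p.tag) == "TechnicalProfile"}
    report = {}
    for pid, profile in profiles.items():
        refs = [v.get("ReferenceId") for v in _items(
            profile, "ValidationTechnicalProfiles", "ValidationTechnicalProfile")
            if v.get("ReferenceId") in profiles]
        persisted = {c.get("ClaimTypeReferenceId") for r in refs
                     for c in _items(profiles[r], "PersistedClaims", "PersistedClaim")}
        # Assumption: an OutputClaim with DefaultValue is policy-set, not user input.
        missing = [c.get("ClaimTypeReferenceId")
                   for c in _items(profile, "OutputClaims", "OutputClaim")
                   if c.get("DefaultValue") is None
                   and c.get("ClaimTypeReferenceId") not in persisted]
        if refs and missing:
            report[pid] = missing
    return report
```

Calling `find_unpersisted_claims(SAMPLE_POLICY)` reports `displayName` for `SelfAsserted-ProfileUpdate`; once the matching `PersistedClaim` is added to the write profile, the report is empty.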


1 additional answer

  1. Vikas Tiwari 766 Reputation points
    2020-12-14T05:11:40.637+00:00

    Thanks @AmanpreetSingh-MSFT for your help again. Your suggestion fixed the issue and I can see the other claims on the edit profile screen, though I have a couple more things to understand, if you can help:

    1) As you said, otherMails is not supported. Similar to this, is there any documentation that lists which claims are not supported as part of the profile edit policy?

    2) I noticed that on the edit profile screen, if I click on the cancel button, it displays the following error:

    Error.  
    We're having trouble signing you in.  
    "OpenIdConnectMessage.Error was not null, indicating an error. Error: 'access_denied'. Error_Description (may be empty): 'AADB2C90091: The user has cancelled entering self-asserted information. Correlation ID: 65457afd-4393-40cb-9d0f-f05cbebfdd84 Timestamp: 2020-12-14 04:58:11Z '. Error_Uri (may be empty): 'error_uri is null'."  
    

    I thought the user should be redirected to the home page without any error. Is this expected behavior, or am I missing something in the code?

    Thanks,
    Vikas