This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 30%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVT%3C/text%3E%3C/svg%3E)
Hi,
I have following technical profile added into TrustFrameworkExtension.xml and expecting fields mentioned in input claims should be displayed to user in edit profile page, but when click on edit profile it just displays Given name and surname to edit:
<TechnicalProfile Id="SelfAsserted-ProfileUpdate">
<DisplayName>User ID signup</DisplayName>
<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<Metadata>
<Item Key="ContentDefinitionReferenceId">api.selfasserted.profileupdate</Item>
</Metadata>
<IncludeInSso>false</IncludeInSso>
<InputClaims>
<InputClaim ClaimTypeReferenceId="userPrincipalName" />
<!-- Optional claims. These claims are collected from the user and can be modified. Any claim added here should be updated in the
ValidationTechnicalProfile referenced below so it can be written to directory after being updateed by the user, i.e. AAD-UserWriteProfileUsingObjectId. -->
<InputClaim ClaimTypeReferenceId="givenName" />
<InputClaim ClaimTypeReferenceId="surname" />
<InputClaim ClaimTypeReferenceId="displayName" />
<InputClaim ClaimTypeReferenceId="otherMails" />
</InputClaims>
<OutputClaims>
<!-- Required claims -->
<OutputClaim ClaimTypeReferenceId="executed-SelfAsserted-Input" DefaultValue="true" />
<!-- Optional claims. These claims are collected from the user and can be modified. Any claim added here should be updated in the
ValidationTechnicalProfile referenced below so it can be written to directory after being updateed by the user, i.e. AAD-UserWriteProfileUsingObjectId. -->
<OutputClaim ClaimTypeReferenceId="givenName" />
<OutputClaim ClaimTypeReferenceId="surname" />
<OutputClaim ClaimTypeReferenceId="displayName" />
<OutputClaim ClaimTypeReferenceId="otherMails" />
<!-- Add the external system ID -->
<!--<OutputClaim ClaimTypeReferenceId="extension_external_system_id" DefaultValue="external_system_id_1234"/>-->
<!-- End of changes -->
</OutputClaims>
<ValidationTechnicalProfiles>
<ValidationTechnicalProfile ReferenceId="AAD-UserWriteProfileUsingObjectId" />
</ValidationTechnicalProfiles>
</TechnicalProfile>
<!-- Write data during edit profile flow. -->
<TechnicalProfile Id="AAD-UserWriteProfileUsingObjectId">
<Metadata>
<Item Key="Operation">Write</Item>
<Item Key="RaiseErrorIfClaimsPrincipalAlreadyExists">false</Item>
<Item Key="RaiseErrorIfClaimsPrincipalDoesNotExist">true</Item>
</Metadata>
<IncludeInSso>false</IncludeInSso>
<InputClaims>
<InputClaim ClaimTypeReferenceId="objectId" Required="true" />
</InputClaims>
<PersistedClaims>
<!-- Required claims -->
<PersistedClaim ClaimTypeReferenceId="objectId" />
<!-- Optional claims -->
<PersistedClaim ClaimTypeReferenceId="givenName" />
<PersistedClaim ClaimTypeReferenceId="surname" />
<PersistedClaim ClaimTypeReferenceId="displayName" />
<PersistedClaim ClaimTypeReferenceId="otherMails" />
<!-- Add the external system ID -->
<!-- <PersistedClaim ClaimTypeReferenceId="extension_external_system_id" DefaultValue="external_system_id_1234"/>-->
<!-- End of changes -->
</PersistedClaims>
<IncludeTechnicalProfile ReferenceId="AAD-Common" />
</TechnicalProfile>
What else I am missing to add claims into edit profile section for user to update?
Thanks,
Vikas Tiwari
Hi @Vikas Tiwari · Thank you for reaching out.
For this purpose, all you need is to update below TechnicalProfiles in your base file:
<TechnicalProfile Id="SelfAsserted-ProfileUpdate">, add <OutputClaim ClaimTypeReferenceId="displayName" /> <TechnicalProfile Id="AAD-UserWriteProfileUsingObjectId"> add <PersistedClaim ClaimTypeReferenceId="displayName" /> I don't think updating otherMails via profile edit policy is supported. Could you please try removing otherMails and test again.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Thanks @AmanpreetSingh-MSFT for your help again. Your suggestion fixed the issue and I can see other claims in edit profile screen, though I have couple more things to understand if you can help:
1) As you said otherMails not supported, similar to this is there any documentation which can list out what claims are not supported as part of profile edit policy?
2) I noticed on edit profile screen if I click on cancel button it displays following error:
Error.
We're having trouble signing you in.
"OpenIdConnectMessage.Error was not null, indicating an error. Error: 'access_denied'. Error_Description (may be empty): 'AADB2C90091: The user has cancelled entering self-asserted information. Correlation ID: 65457afd-4393-40cb-9d0f-f05cbebfdd84 Timestamp: 2020-12-14 04:58:11Z '. Error_Uri (may be empty): 'error_uri is null'."
I thought user should be redirected to home page without any error. Is this expected behavior or I missing something in code?
Thanks,
Vikas
@Vikas Tiwari · I couldn't find the document specifically for supported attribute via profile edit policy but I tested and it didn't work for me.
For the second question, you need to update your application code with exception handling for error code AADB2C90091 and configure it to redirect the user to home page in that case.
Hi @AmanpreetSingh-MSFT Thanks for confirmation. I was thinking the same to handle exception in code but just wanted to confirm.
Thanks,
Vikas Tiwari