How to add tfp claim in token issued by custom B2C policy?

Sakshi 21 Reputation points
2020-04-16T14:04:08.513+00:00

I want to configure my custom B2C policies to return the TFP claim in the token with the policy name as its value, after the user is authenticated via a federated SAML IdP.
Any help on this would be much appreciated.

Microsoft Entra External ID

Accepted answer
  1. AmanpreetSingh-MSFT 56,466 Reputation points
    2020-04-17T11:10:24.197+00:00

    @Sakshi The token returned by a custom policy in B2C by default includes the acr claim containing the policy name. If you want to remove this claim and use the tfp claim instead, you need to set AuthenticationContextReferenceClaimPattern to None in the JwtIssuer technical profile, as highlighted below:
    7463-untitled.png

    This will remove the acr claim from the token. To add the tfp claim, add the claim ID below under the claims schema in your TrustFrameworkBase.xml or TrustFrameworkExtensions.xml file.
    7571-capture.jpg

    Finally, add the output claim below in your RP file (e.g., signup_signin.xml):
    7484-capture2.jpg

    -----------------------------------------------------------------------------------------------------------

    Please "Accept as answer" wherever the information provided helps you to help others in the community.

    2 people found this answer helpful.
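
The three steps from the accepted answer, written out as policy XML. This is an added example, not a transcription of the answer's screenshots: the claim type Id trustFrameworkPolicy and the {policy} default value follow Microsoft's JWT token issuer documentation and are assumptions here, and each fragment goes in the file named in its comment.

```xml
<!-- Step 1: in the file that defines or overrides the JwtIssuer technical
     profile (TrustFrameworkBase.xml or TrustFrameworkExtensions.xml).
     None stops B2C from issuing the acr claim. -->
<ClaimsProvider>
  <DisplayName>Token Issuer</DisplayName>
  <TechnicalProfiles>
    <TechnicalProfile Id="JwtIssuer">
      <Metadata>
        <Item Key="AuthenticationContextReferenceClaimPattern">None</Item>
      </Metadata>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>

<!-- Step 2: inside <BuildingBlocks><ClaimsSchema> of TrustFrameworkBase.xml
     or TrustFrameworkExtensions.xml. The Id is an assumed name; it only has
     to match the reference used in step 3. -->
<ClaimType Id="trustFrameworkPolicy">
  <DisplayName>Trust framework policy name</DisplayName>
  <DataType>string</DataType>
</ClaimType>

<!-- Step 3: inside <RelyingParty><TechnicalProfile><OutputClaims> of the RP
     file (e.g., signup_signin.xml). PartnerClaimType sets the name of the
     claim in the issued token (tfp); {policy} is assumed to resolve to the
     name of the executing policy. -->
<OutputClaim ClaimTypeReferenceId="trustFrameworkPolicy"
             Required="true"
             DefaultValue="{policy}"
             PartnerClaimType="tfp" />
```

After this change the token no longer carries acr, so any application or API that checks the policy name during token validation must read tfp instead.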