Azure B2C Custom Policy: How to show static html page only?

Sean Killeen 351 Reputation points MVP
2021-02-25T17:40:26.3+00:00

I am modifying an existing custom policy's behavior and have not yet been able to find guidance on what I a trying to do.

Backgound

I have a custom signup/signin policy with a terms & conditions page. The general workflow is:

  • Sign up / Sign in
  • Terms & conditions acceptance
  • Send the claims back to the web application, which signs the user in ## Goal

I have been asked to modify the policy so that rather than redirecting back to the web application on sign in, it displays a custom HTML "pending verification page".

What I've done

  • Created and deployed the custom HTML content.
  • Created a ContentDefinition that points to that HTML page: xml
    <ContentDefinition Id="api.selfasserted.pendingverification">
    <LoadUri>[redacted]/pending-verification.html</LoadUri>
    <RecoveryUri>~/common/default_page_error.html</RecoveryUri>
    <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:1.2.0</DataUri>
    <Metadata>
    <Item Key="DisplayName">Pending Verification</Item>
    </Metadata>
    </ContentDefinition>
  • Created a TechnicalProfile that uses that content definition: xml
    <TechnicalProfile Id="SelfAsserted-PendingVerification">
    <DisplayName>Pending Verification</DisplayName>
    <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
    <Metadata>
    <Item Key="ContentDefinitionReferenceId">api.selfasserted.pendingverification</Item>
    </Metadata>
    <IncludeInSso>false</IncludeInSso>
    </TechnicalProfile>
  • Added an OrchestrationStep that references the TechnicalProfile: xml
    <OrchestrationStep Order="6" Type="ClaimsExchange">
    <ClaimsExchanges>
    <ClaimsExchange Id="ShowPendingVerificationPage" TechnicalProfileReferenceId="SelfAsserted-PendingVerification" />
    </ClaimsExchanges>
    </OrchestrationStep>
  • Doublechecked that the order of the steps is what I'd expect and no steps are sharing the same order number in the orchestration. ## Challenge

Despite these steps, the pending verification page seems to be skipped each time, and the next step (which returns the claims) appears to be executed.

Question

  • Is my understanding of how to create and refer to a static page above correct?
  • Is a technical profile with no input or output claims skipped by default?
  • What is the correct way to show a static HTML file in this manner without continuing on to the next step in the orchestration?
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,610 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Jitendra Rai 231 Reputation points
    2021-03-02T06:43:48.357+00:00

    Thanks @Sean Killeen and as mentioned Claim that has a UserInputType of Readonly can able to make static page is working. Please let us know if this works for you.

    0 comments No comments