B2C Custom Policy: how to call REST with claims from query parameter or session?
JL
51
Reputation points
Hi, I am trying to achieve a specific behaviour with B2C custom policies:
- accepts an optional query parameter
{OAUTH-KV:some_id}
- in an orchestration step
a. always runs
b. calls a REST api withsome_id
(use from query parameter if specified; otherwise, read from session (2c below) or default to empty)
c. REST api returns an updatedsome_id
, which is stored in session
Programmatically:
const some_id = queryParameters.get("{OAUTH-KV:some_id}") || session.get("some_id");
const outputs = call_rest_technical_profile(some_id);
session.persist("some_id", output.some_id);
Sequence of scenarios
- calls
<b2c-policy>
: no session
a. calls REST withsome_id=null
, returnssome_id=100
, stored in session - calls
<b2c-policy>
: (session from 1)
a. calls REST withsome_id=100
, returnssome_id=200
, stored in session - calls
<b2c-policy>&some_id=1000
: (session from 2)
a. calls REST withsome_id=1000
, returnssome_id=1100
, stored in session
b. (notice session'ssome_id=200
is overridden by the query parameter) - calls
<b2c-policy>
(session from 3)
a. calls REST withsome_id=1100
, stored in session
I am completely at a lost at how to achieve this.
- Sessions are per-technical profile level, and are used to skip them
a. I am trying to always run the technical profile, but to store/read claims from the session - I thought maybe I could use NoopSSOSessionProvider
Technical profiles that use this type of session provider will always be processed, even when the user has an active session
(But) This type of session provider doesn't persist claims to the user's session cookie
Please help
Sign in to answer