B2C Custom Policy: how to call REST with claims from query parameter or session?

JL 51 Reputation points
2022-02-14T11:31:10.47+00:00

Hi, I am trying to achieve a specific behaviour with B2C custom policies:

  1. accepts an optional query parameter {OAUTH-KV:some_id}
  2. in an orchestration step
    a. always runs
    b. calls a REST api with some_id (use from query parameter if specified; otherwise, read from session (2c below) or default to empty)
    c. REST api returns an updated some_id, which is stored in session

Programmatically:

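   // Prefer the query parameter; otherwise fall back to the value stored in the session
   const some_id = queryParameters.get("{OAUTH-KV:some_id}") || session.get("some_id");
   // Always call the REST API, even when a session already exists
   const outputs = call_rest_technical_profile(some_id);
   // Persist the updated value returned by the REST API for the next call
   session.persist("some_id", outputs.some_id);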

Sequence of scenarios

  1. calls <b2c-policy>: no session
    a. calls REST with some_id=null, returns some_id=100, stored in session
  2. calls <b2c-policy>: (session from 1)
    a. calls REST with some_id=100, returns some_id=200, stored in session
  3. calls <b2c-policy>&some_id=1000: (session from 2)
    a. calls REST with some_id=1000, returns some_id=1100, stored in session
    b. (notice session's some_id=200 is overridden by the query parameter)
  4. calls <b2c-policy> (session from 3)
    a. calls REST with some_id=1100, stored in session

I am completely at a loss as to how to achieve this.

  1. Sessions are per-technical profile level, and are used to skip them
    a. I am trying to always run the technical profile, but to store/read claims from the session
  2. I thought maybe I could use NoopSSOSessionProvider

Technical profiles that use this type of session provider will always be processed, even when the user has an active session
(But) This type of session provider doesn't persist claims to the user's session cookie

Please help
