3,281 questions
The issue was caused by an error in the custom policy. Sign in orchestration step was duplicated and that caused the described behavior.
Azure B2C SAML integration with salesforce as IdP issues
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 56.00000000000001%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
Mateusz Leszek
52
Reputation points
I am testing B2C federation with Salesforce as IdP using SAML as in:
I am testing the federation in Identity Experience Framework by running the relying party policy with the jwt.ms set up as a reply URL. I am redirected to the Salesforce login page, Salesforce though, when successfully logged as a salesforce user, redirects me to the https://your-tenant.b2clogin.com/your-tenant.onmicrosoft.com/B2C_1A_TrustFrameworkBase/samlp/sso/assertionconsumer page (which is set up as ACS URL in salesforce. Where "your-tenant" is obviously my tenant name), where I need to log in with the B2C user which kind of defeats the purpose.
I expected to receive the B2C Token displayed in the jwt.ms page as described in the:
Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
25,132 questions
{count} votes
-
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator2022-07-28T04:00:05.033+00:00 Hello @Mateusz Leszek , can you detail what's exactly the issue? Maybe the token is not being returned or displayed? Can you share the complete redirect URL?
-
Mateusz Leszek 52 Reputation points
2022-07-28T11:05:15.003+00:00 Te issue is that when testing the relying party custom policy with federation data as described in https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-salesforce-saml?tabs=windows&pivots=b2c-custom-policy#test-your-custom-policy
after successfully logging in to Salesforce I expect the token to be returned by the B2C to https://jwt.ms. Instead, I am redirected to https://your-tenant.b2clogin.com/your-tenant.onmicrosoft.com/B2C_1A_TrustFrameworkBase/samlp/sso/assertionconsumer page where I need to provide B2C login and password. -
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator
2022-08-03T19:37:59.2+00:00 Hello @Mateusz Leszek , the issue and attached HAR have been submitted to the B2C team. I will come back as soon as I get an update.
-
Mateusz Leszek 52 Reputation points
2022-08-04T08:37:03.343+00:00 Hello, @Alfredo Revilla - Upwork Top Talent | IAM SWE SWA I've found an error in my custom policy that caused the issue. Please consider the ticket as solved.
Sign in to comment