Azure B2C SAML integration with salesforce as IdP issues

Mateusz Leszek 52 Reputation points
2022-07-26T11:26:24.593+00:00

I am testing B2C federation with Salesforce as IdP using SAML as in:

https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-salesforce-saml?tabs=windows&pivots=b2c-custom-policy

I am testing the federation in Identity Experience Framework by running the relying party policy with jwt.ms set up as the reply URL. I am redirected to the Salesforce login page; Salesforce, though, after I successfully log in as a Salesforce user, redirects me to the https://your-tenant.b2clogin.com/your-tenant.onmicrosoft.com/B2C_1A_TrustFrameworkBase/samlp/sso/assertionconsumer page (which is set up as the ACS URL in Salesforce, where "your-tenant" is obviously my tenant name), where I need to log in with the B2C user, which kind of defeats the purpose.

I expected to receive the B2C token displayed on the jwt.ms page, as described in:

https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-salesforce-saml?tabs=windows&pivots=b2c-custom-policy#test-your-custom-policy


1 answer

  1. Mateusz Leszek 52 Reputation points
    2022-08-04T08:39:32.713+00:00

    The issue was caused by an error in the custom policy. The sign-in orchestration step was duplicated, and that caused the described behavior.

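One way to catch the root cause named in the answer (a duplicated sign-in orchestration step) before uploading a policy is to lint the UserJourney XML. This is an added example, not the asker's policy or any Microsoft tooling; the embedded policy fragment is constructed, and the journey id SignUpOrSignInSalesforce, the exchange id SalesforceExchange and the technical-profile name Salesforce-SAML2 are assumptions modelled on the linked tutorial.

```python
# Added example: lint a B2C custom policy for duplicated orchestration steps,
# the root cause reported in the answer above. Journey id, exchange id and
# technical-profile name in the sample below are assumptions, not the asker's policy.
import xml.etree.ElementTree as ET
from collections import Counter

TF_NS = "http://schemas.microsoft.com/online/2020/07/trustframework"
SIGNIN_STEP_TYPES = {"CombinedSignInAndSignUp", "ClaimsProviderSelection"}

def find_duplicate_steps(policy_xml: str) -> dict:
    """Return {journey_id: [warnings]} for journeys that reuse a step Order,
    repeat a sign-in/claims-provider-selection step, or call the same
    technical profile from two ClaimsExchange steps."""
    ns = {"tf": TF_NS}
    report = {}
    for journey in ET.fromstring(policy_xml).iterfind(".//tf:UserJourney", ns):
        steps = journey.findall("tf:OrchestrationSteps/tf:OrchestrationStep", ns)
        warnings = []
        orders = Counter(s.get("Order") for s in steps)
        warnings += [f"Order {o} used {n} times" for o, n in orders.items() if n > 1]
        signin = [s.get("Order") for s in steps if s.get("Type") in SIGNIN_STEP_TYPES]
        if len(signin) > 1:  # a second sign-in step re-prompts the user after the IdP returns
            warnings.append(f"sign-in/selection step repeated at orders {signin}")
        profiles = Counter(ce.get("TechnicalProfileReferenceId") for s in steps
                           for ce in s.findall("tf:ClaimsExchanges/tf:ClaimsExchange", ns))
        warnings += [f"technical profile {p} invoked {n} times" for p, n in profiles.items() if n > 1]
        if warnings:
            report[journey.get("Id")] = warnings
    return report

# Constructed sample: the CombinedSignInAndSignUp step appears twice (orders 1 and 3),
# so after Salesforce posts its SAML response the B2C sign-in page is shown again.
SAMPLE_POLICY = f"""<TrustFrameworkPolicy xmlns="{TF_NS}">
 <UserJourneys><UserJourney Id="SignUpOrSignInSalesforce"><OrchestrationSteps>
  <OrchestrationStep Order="1" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
   <ClaimsProviderSelections><ClaimsProviderSelection TargetClaimsExchangeId="SalesforceExchange"/></ClaimsProviderSelections>
  </OrchestrationStep>
  <OrchestrationStep Order="2" Type="ClaimsExchange">
   <ClaimsExchanges><ClaimsExchange Id="SalesforceExchange" TechnicalProfileReferenceId="Salesforce-SAML2"/></ClaimsExchanges>
  </OrchestrationStep>
  <OrchestrationStep Order="3" Type="CombinedSignInAndSignUp" ContentDefinitionReferenceId="api.signuporsignin">
   <ClaimsProviderSelections><ClaimsProviderSelection TargetClaimsExchangeId="SalesforceExchange"/></ClaimsProviderSelections>
  </OrchestrationStep>
  <OrchestrationStep Order="4" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer"/>
 </OrchestrationSteps></UserJourney></UserJourneys></TrustFrameworkPolicy>"""

if __name__ == "__main__":
    for journey_id, warns in find_duplicate_steps(SAMPLE_POLICY).items():
        print(journey_id, *warns, sep="\n  ")
```

Run it against your own TrustFrameworkBase/Extensions files (read the file and pass its text) to spot the duplicate before the journey is exercised in the Identity Experience Framework.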
