Azure ad b2c ADB2C用户旅程保存自定义属性
自定义属性已添加到声明中,但未保存到用户配置文件中 我在ADB2C用户属性中添加了自定义属性empid,并试图在用户注册时通过调用REST-API保存该属性,如下所示 API调用成功,声明数据根据API结果更新,但用户配置文件结果未更改 用户旅程Azure ad b2c ADB2C用户旅程保存自定义属性,azure-ad-b2c,azure-ad-b2c-custom-policy,Azure Ad B2c,Azure Ad B2c Custom Policy,自定义属性已添加到声明中,但未保存到用户配置文件中 我在ADB2C用户属性中添加了自定义属性empid,并试图在用户注册时通过调用REST-API保存该属性,如下所示 API调用成功,声明数据根据API结果更新,但用户配置文件结果未更改 用户旅程 <UserJourney Id="SignUpTDNA"> <OrchestrationSteps> <OrchestrationStep Order="
<UserJourney Id="SignUpTDNA">
<OrchestrationSteps>
<OrchestrationStep Order="1" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange Id="SignUpWithLogonEmailExchange" TechnicalProfileReferenceId="LocalAccountSignUpWithLogonEmail" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="2" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange Id="RESTGetProfile" TechnicalProfileReferenceId="REST-GetProfile" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="3" Type="ClaimsExchange">
<ClaimsExchanges>
<ClaimsExchange Id="AADUserReadWithObjectId" TechnicalProfileReferenceId="AAD-UserReadUsingObjectId" />
</ClaimsExchanges>
</OrchestrationStep>
<OrchestrationStep Order="4" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
</OrchestrationSteps>
<ClientDefinition ReferenceId="DefaultWeb" />
</UserJourney>
在AAD UserWriteUsingLogonEmail技术配置文件中:我添加了
<TechnicalProfile Id="AAD-UserWriteUsingLogonEmail">
<Metadata>
<Item Key="Operation">Write</Item>
<Item Key="RaiseErrorIfClaimsPrincipalAlreadyExists">true</Item>
</Metadata>
<IncludeInSso>false</IncludeInSso>
<InputClaims>
<InputClaim ClaimTypeReferenceId="email" PartnerClaimType="signInNames.emailAddress" Required="true" />
</InputClaims>
<PersistedClaims>
.......................
<PersistedClaim ClaimTypeReferenceId="extension_empid" />
</PersistedClaims>
<OutputClaims>
...........
<OutputClaim ClaimTypeReferenceId="extension_empid" />
</OutputClaims>
<IncludeTechnicalProfile ReferenceId="AAD-Common" />
<UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
</TechnicalProfile>
写
真的
假的
.......................
...........
在LocalAccountSignUpWithLogonEmail中
电子邮件注册
IP地址
api.localaccountsignup
创造
谢谢@AAHN,请找到更多关于在github问题上使用AAD UserWriteUsingLogonEmail的建议,以及-
如果仍然存在问题,请共享相关ID和时间戳以进行调查。您似乎没有在旅途中的任何地方引用AAD UserWriteUsingLogonEmail。所以没有人叫它。除非它在LocalAccountSignUpWithLogonEmail的VTP中?在这种情况下,它将在步骤2中的RESTAPI之前被调用。因此,此时该值将为null。
</ValidationTechnicalProfiles>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-AAD" />
</TechnicalProfile>