You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory-b2c/active-directory-b2c-guide-troubleshooting-custom.md
+7-4Lines changed: 7 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,14 +8,14 @@ manager: celestedg
8
8
ms.service: active-directory
9
9
ms.workload: identity
10
10
ms.topic: conceptual
11
-
ms.date: 08/09/2019
11
+
ms.date: 08/13/2019
12
12
ms.author: marsma
13
13
ms.subservice: B2C
14
14
---
15
15
16
16
# Troubleshoot Azure AD B2C custom policies and Identity Experience Framework
17
17
18
-
If you use Azure Active Directory B2C (Azure AD B2C) custom policies, you might experience challenges setting up the Identity Experience Framework in its policy language XML format. Learning to write custom policies can be like learning a new language. In this article, we describe tools and tips that can help you quickly discover and resolve issues.
18
+
If you use Azure Active Directory B2C (Azure AD B2C) custom policies, you might experience challenges setting up the Identity Experience Framework in its policy language XML format. Learning to write custom policies can be like learning a new language. In this article, we describe some tools and tips that can help you discover and resolve issues.
19
19
20
20
This article focuses on troubleshooting your Azure AD B2C custom policy configuration. It doesn't address the relying party application or its identity library.
21
21
@@ -39,7 +39,7 @@ Common validation errors include the following:
39
39
40
40
* The ClaimType value might be misspelled, or does not exist in the schema.
41
41
* ClaimType values must be defined in at least one of the files in the policy.
42
-
For example: `<ClaimType Id="socialIdpUserId">`
42
+
For example: `<ClaimType Id="issuerUserId">`
43
43
* If ClaimType is defined in the extensions file, but it's also used in a TechnicalProfile value in the base file, uploading the base file results in an error.
44
44
45
45
> Error snippet: `...makes a reference to a ClaimsTransformation with id...`
@@ -53,17 +53,20 @@ Common validation errors include the following:
53
53
## Troubleshoot the runtime
54
54
55
55
* Use **Run now** and `https://jwt.ms` to test your policies independently of your web or mobile application. This website acts like a relying party application. It displays the contents of the JSON Web Token (JWT) that is generated by your Azure AD B2C policy. To create a test application, navigate to **Azure AD B2C**\>**Applications** in the Azure portal and add an application with the following values:
56
+
56
57
***Name**: TestApp
57
58
***Web App/Web API**: No
58
59
***Native client**: No
59
60
61
+
Then, add `https://jwt.ms` as a **Reply URL**.
62
+
60
63
* To trace the exchange of messages between your client browser and Azure AD B2C, use [Fiddler](https://www.telerik.com/fiddler). It can help you get an indication of where your user journey is failing in your orchestration steps.
61
64
62
65
* In **Development mode**, use [Application Insights](active-directory-b2c-troubleshoot-custom.md) to trace the activity of your Identity Experience Framework user journey. In **Development mode**, you can observe the exchange of claims between the Identity Experience Framework and the various claims providers that are defined by technical profiles, such as identity providers, API-based services, the Azure AD B2C user directory, and other services, like Azure Multi-Factor Authentication.
63
66
64
67
## Recommended practices
65
68
66
-
**Keep multiple versions of your scenarios. Group them in a project with your application.** The base, extensions, and relying party files are directly dependent on each other. Save them as a group. As new features are added to your policies, keep separate working versions. Stage working versions in your own file system with the application code they interact with. Your applications might invoke many different relying party policies in a tenant. They might become dependent on the claims that they expect from your Azure AD B2C policies.
69
+
**Keep multiple versions of your scenarios. Group them in a project with your application.** The base, extensions, and relying party files are directly dependent on each other. Save them as a group. As new features are added to your policies, keep separate working versions. Stage working versions in your own file system with the application code they interact with. Your applications might invoke many different relying party policies in a tenant. They might become dependent on the claims that they expect from your Azure AD B2C policies.
67
70
68
71
**Develop and test technical profiles with known user journeys.** Use tested starter pack policies to set up your technical profiles. Test them separately before you incorporate them into your own user journeys.
0 commit comments