Skip to content

Commit d5f9c35

Browse files
authored
Merge pull request #177040 from WhippsP/patch-18
Update to IdentifierURI Requirement
2 parents a7b54d0 + 0110168 commit d5f9c35

File tree

1 file changed

+5
-2
lines changed

1 file changed

+5
-2
lines changed

articles/active-directory-b2c/saml-service-provider.md

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -313,7 +313,10 @@ For SAML apps, you need to configure several properties in the application regis
313313

314314
When your SAML application makes a request to Azure AD B2C, the SAML AuthN request includes an `Issuer` attribute. The value of this attribute is typically the same as the application's metadata `entityID` value. Azure AD B2C uses this value to look up the application registration in the directory and read the configuration. For this lookup to succeed, `identifierUri` in the application registration must be populated with a value that matches the `Issuer` attribute.
315315

316-
In the registration manifest, find the `identifierURIs` parameter and add the appropriate value. This value will be the same value that's configured in the SAML AuthN requests for `EntityId` at the application, and the `entityID` value in the application's metadata.
316+
In the registration manifest, find the `identifierURIs` parameter and add the appropriate value. This value will be the same value that's configured in the SAML AuthN requests for `EntityId` at the application, and the `entityID` value in the application's metadata. You will also need to find the `accessTokenAcceptedVersion` paramater and set the value to `2`.
317+
318+
> [!IMPORTANT]
319+
> If you do not update the `accessTokenAcceptedVersion` to `2` you will recive an error message requiring a verfied domain.
317320
318321
The following example shows the `entityID` value in the SAML metadata:
319322

@@ -434,4 +437,4 @@ The following SAML application scenarios are supported via your own metadata end
434437
<!-- LINKS - External -->
435438
[samltest]: https://aka.ms/samltestapp
436439

437-
::: zone-end
440+
::: zone-end

0 commit comments

Comments
 (0)