AAD - ClaimsMappingPolicy - Where can you view these outputs / errors?
Attempted to use AzureADServicePrincipalPolicy as per documentation - all samples fail during login with generic error when federating login (via b2c to aad OIDC SSO)
AADB2C90289: We encountered an error connecting to the identity provider. Please try again later.
Correlation ID: 127cf693-6f09-4a68-9a11-e371928b65f2
Timestamp: 2020-06-18 16:12:42Z
Where can you view these ClaimsMappingPolicy outputs / errors? Sign-In logs show nothing of interest (shows success actually) so it must be post authentication.
Intention is to to use a claim mapping to send other mails claim:
New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema": [{"Source":"user","ID":"othermail","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress","JwtClaimType":"mail"}]}}') -DisplayName "AddOtherMailClaim" -Type "ClaimsMappingPolicy"
Even using the built in sample throws exception when linking policy to an SP:
New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema": [{"Source":"user","ID":"employeeid","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeid","JwtClaimType":"name"},{"Source":"company","ID":"tenantcountry","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country","JwtClaimType":"country"}]}}') -DisplayName "ExtraClaimsExample" -Type "ClaimsMappingPolicy"