question

StefanNovak-8458 avatar image
0 Votes"
StefanNovak-8458 asked soumi-MSFT answered

Azure AD B2C Custom Policy - Don't return an access token in SendClaims orchestration step

Hello.

I've created a custom user flow, and we do not require an access token at the end of it. At the end of all our User Journeys, we have an orchestration step:

 <OrchestrationStep Order="7" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />

If I remove this step I get a validation error, stating I must have a SendClaims step.

I tried to make my own ClaimsProvider. I called it NoToken and took out as much as I could, but I was forced to keep in

 <CryptographicKeys>
   <Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer" />
 </CryptographicKeys>

But this seems to create an access token.

Is there any way I can avoid this?

Thanks

Stefan


azure-ad-b2c
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

soumi-MSFT avatar image
1 Vote"
soumi-MSFT answered

@StefanNovak-8458, Unfortunately, there are no way you can control the issuance of access-token using the custom policy.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.