
I have Azure B2C with custom policies, with Local Login and Microsoft Account login enabled. I started with the starter pack and made some modifications to add my custom logic to validate and add additional claims, as explained here.

Everything works fine with Microsoft Account, but I am facing issues with Local Account sign-in.

  1. The email claim is only populated when the user signs up, but not on sign-in. In the case of sign-in, the email is part of the "signInNames.emailAddress" claim. I tried making the changes explained here and here. I would like the email to be populated in the email claim, as my API uses this claim.

  2. Additional claims returned from my REST API are not added to the token, but only for Local Login. They are added for Microsoft Account.

Thank you.

Update: For point 2, it's a problem with my policy file and is now fixed.


1 Answer


There is a simple method to return the email claim.

Just replace <OutputClaim ClaimTypeReferenceId="email" /> with <OutputClaim ClaimTypeReferenceId="signInNames.emailAddress" PartnerClaimType="email" /> in your SignUpOrSignin.xml file.

You need to sign up a new local user and then sign in to test it. You will see the email claim.

In fact, this solution was provided by @Wayne Yang in the post you shared.
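For readers who want to see where that replacement sits, the following is an added example (not code from the question or the answer above) of the relying-party section of a starter-pack style SignUpOrSignin.xml with the swap applied. It assumes the default starter-pack names (the SignUpOrSignIn user journey and the PolicyProfile technical profile); if your relying-party file uses different identifiers, keep yours and change only the OutputClaim line. The comment marks the single line that differs from the unmodified starter pack.

```xml
<RelyingParty>
  <!-- Assumed starter-pack journey name; adjust if yours differs. -->
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="displayName" />
      <OutputClaim ClaimTypeReferenceId="givenName" />
      <OutputClaim ClaimTypeReferenceId="surname" />
      <!-- Changed line: the local-account sign-in name is emitted under the
           "email" claim name in the token, so the API sees "email" on sign-in
           as well as on sign-up. The original starter-pack line was
           <OutputClaim ClaimTypeReferenceId="email" /> -->
      <OutputClaim ClaimTypeReferenceId="signInNames.emailAddress" PartnerClaimType="email" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" />
      <OutputClaim ClaimTypeReferenceId="identityProvider" />
      <OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="sub" />
  </TechnicalProfile>
</RelyingParty>
```

Two checks worth doing after applying this: decode a token from a local-account sign-in and confirm the email claim is present, and then sign in with the Microsoft Account provider and confirm its token still carries the address you expect, since federated accounts populate the email claim type rather than signInNames.emailAddress. Either way, the API should authorize on the stable sub (objectId) claim and treat email as a display or lookup attribute, not as the identity key.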