Azure B2C - Renaming an output claim

0
votes

I am using Azure B2C (Azure AD as my identity provider). I am using custom policies, I have a simple goal I am trying to accomplish, I am trying to rename a claim. Here is my example, this is taken from the Azure B2C starter packs https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/master/LocalAccounts

I am requesting my surname from Azure B2C, it returns in a claim "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", my goal is to change the name of this claim from "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" to "lastname", I noticed the following definition exists in TrustFrameworkBase.xml:

<ClaimType Id="surname">
  <DisplayName>Surname</DisplayName>
  <DataType>string</DataType>
  <DefaultPartnerClaimTypes>
    <Protocol Name="OAuth2" PartnerClaimType="family_name" />
    <Protocol Name="OpenIdConnect" PartnerClaimType="family_name" />
    <Protocol Name="SAML2" PartnerClaimType="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" />
  </DefaultPartnerClaimTypes>
</ClaimType>

I am just not sure how to get it to return another name, since that is PartnerClaimType and that needs to be exact.

1
azure-active-directoryazure-ad-b2cazure-ad-graph-api

1 Answers

1
votes

You can rename in relying party technical profile in one of the leaf policies. Use PartenrClaimtype attribute in output claim element.

Define a claim named as last name

<ClaimType Id="lastname">
  <DisplayName>LastName</DisplayName>
  <DataType>string</DataType>
</ClaimType>

And then in the relying party section

<RelyingParty>
    <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
    <TechnicalProfile Id="PolicyProfile">
      <DisplayName>PolicyProfile</DisplayName>
      <Protocol Name="OpenIdConnect" />
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="lastname" />
      </OutputClaims>
      <SubjectNamingInfo ClaimType="sub" />
    </TechnicalProfile>
  </RelyingParty>