We have a custom policy setup that validates a phone number when a user signs. The phone number is validated on a separate screen after the user completes their social login. The issue is the token that is generated does not include the phone number. If the user logs out and logs back in, the phone number is then included in the token. How do I get the phone number included in the initial token so the user does not need to log out?
1 Answer
You can add the strongAuthenticationPhoneNumber claim as an outgoing claim in the ID token:
<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      ...
      <OutputClaim ClaimTypeReferenceId="strongAuthenticationPhoneNumber" PartnerClaimType="phone_number" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="sub" />
  </TechnicalProfile>
</RelyingParty>
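One way to check that the change above took effect, as an added example that is not part of the original answer: it reads the RelyingParty output claims from a policy file and reports which of them are absent from an issued ID token. The sample policy's objectId claim, the token values and all helper names are constructed for illustration, and the payload is decoded for inspection only, without signature verification.

```python
import base64
import json
import xml.etree.ElementTree as ET

# Constructed sample: the answer's OutputClaim plus one constructed claim.
SAMPLE_POLICY = """<RelyingParty>
  <TechnicalProfile Id="PolicyProfile">
    <Protocol Name="OpenIdConnect" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" />
      <OutputClaim ClaimTypeReferenceId="strongAuthenticationPhoneNumber" PartnerClaimType="phone_number" />
    </OutputClaims>
  </TechnicalProfile>
</RelyingParty>"""

def local(tag):
    # Drop any "{namespace}" prefix so namespaced policy files are handled too.
    return tag.rsplit("}", 1)[-1]

def expected_token_claims(policy_xml):
    """Map each relying-party OutputClaim id to the name it has in the token."""
    claims = {}
    for rp in ET.fromstring(policy_xml).iter():
        if local(rp.tag) != "RelyingParty":
            continue
        for oc in rp.iter():
            ref = oc.get("ClaimTypeReferenceId")
            if local(oc.tag) == "OutputClaim" and ref:
                # Without PartnerClaimType the token uses the claim id itself.
                claims[ref] = oc.get("PartnerClaimType") or ref
    return claims

def token_payload(jwt):
    """Decode the payload segment of a JWT (inspection only, no signature check)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    seg = parts[1]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))

def missing_claims(policy_xml, jwt):
    """Policy claim ids whose token name is absent from the issued token."""
    payload = token_payload(jwt)
    expected = expected_token_claims(policy_xml)
    return sorted(ref for ref, name in expected.items() if name not in payload)

def fake_token(payload):
    """Build an unsigned, constructed token to exercise the check."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(payload)}.constructed-signature"
```

Running `missing_claims` against the token from the first sign-up and again against the token from a later sign-in shows whether phone_number is still only appearing on the second login.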