![](/img/trans.png)
[英]Use MSAL in .NET C# to execute a custom policy flow in Azure AD B2C
[英]How to use IdentityServer3 or 4 in Azure B2c as custom policy
github問題參考: https : //github.com/Azure-Samples/active-directory-b2c-advanced-policies/issues/21
到目前為止,我已經嘗試過與郵遞員一起獲得JWT令牌作為響應https://kamidp.azurewebsites.net/core/connect/token/
當我嘗試使用Azure ad B2c自定義策略/TrustFrameworkExtensions.xml時,我無法進行調用或獲取任何JWT令牌作為響應。 我們在回復URL頁面上遇到的錯誤是: 租戶不包含所需的加密密鑰
如果有人在社區做過的任何想法。 謝謝
<ClaimsProviders>
<ClaimsProvider>
<Domain>ACSL</Domain>
<DisplayName>Login using ACSL</DisplayName>
<TechnicalProfiles>
<TechnicalProfile Id="ContosoProfile">
<DisplayName>ACSL Employee</DisplayName>
<Description>Login with your ACSL account</Description>
<Protocol Name="OpenIdConnect"/>
<OutputTokenFormat>JWT</OutputTokenFormat>
<Metadata>
<Item Key="METADATA">https://kamidp.azurewebsites.net/core/.well-known/openid-configuration</Item>
<Item Key="ProviderName">ACSL</Item>
<Item Key="authorization_endpoint">https://kamidp.azurewebsites.net/core/connect/authorize</Item>
<Item Key="AccessTokenEndpoint">https://kamidp.azurewebsites.net/core/connect/token</Item>
<Item Key="ClaimsEndpoint">https://kamidp.azurewebsites.net/core/connect/userinfo</Item>
<Item Key="ClaimsEndpointAccessTokenName">id_token</Item>
<Item Key="ClaimsEndpointFormatName">format</Item>
<Item Key="ClaimsEndpointFormat">json</Item>
<Item Key="scope">api1</Item>
<Item Key="HttpBinding">POST</Item>
<Item Key="UsePolicyInRedirectUri">0</Item>
<Item Key="client_id">renukey</Item>
</Metadata>
<CryptographicKeys>
<Key Id="AcslExt" StorageReferenceId="B2C_1A_AcslExt"/>
</CryptographicKeys>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="socialIdpUserId" PartnerClaimType="oid"/>
<OutputClaim ClaimTypeReferenceId="tenantId" PartnerClaimType="tid"/>
<OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_name" />
<OutputClaim ClaimTypeReferenceId="surName" PartnerClaimType="family_name" />
<OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="contosoAuthentication" />
<OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="AzureADContoso" />
</OutputClaims>
<OutputClaimsTransformations>
<OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName"/>
<OutputClaimsTransformation ReferenceId="CreateUserPrincipalName"/>
<OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId"/>
<OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId"/>
</OutputClaimsTransformations>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop"/>
</TechnicalProfile>
</TechnicalProfiles>
</ClaimsProvider>
答案在這里
https://github.com/Azure-Samples/active-directory-b2c-advanced-policies/issues/21
chrispadgettlivecom評論3分鍾前優秀,@ kamranbashir,能否將帶有azure-ad-b2c標簽的上述問題發布到Stack Overflow,以便其他人可以回答它然后被發現?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.