DEVHIDE
Login Or Sign up

Azure AD B2C - Unable to fix the OrchestrationStep depending upon the conditional true/false

109 Views Asked by At

I am facing one weird issue while putting steps in OrchestrationStep.

I have a requirement to allow or deny user login depending upon user IP address. I am calling an API to check user and IP information and return a boolean type.

enter image description here

Now, I want to make a decision based on BlockSignIn variable value returned by API. I am calling API on step 2(shown in the below steps.)

Step 3 is to make a decision, whether to allow login or not depending on the value of BlockSignIn

<OrchestrationStep Order="2" Type="ClaimsExchange">
  <ClaimsExchanges>
  <ClaimsExchange Id="ClaimsTransformation-SetIsTrustedIPClaim" TechnicalProfileReferenceId="ClaimsTransformation-SetIsTrustedIPClaim" />
  </ClaimsExchanges>
</OrchestrationStep>

<OrchestrationStep Order="3" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
      <Value>BlockSignIn</Value>
      <Value>true</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="BlockUser" TechnicalProfileReferenceId="Selfasserted-Blockuser" />
  </ClaimsExchanges>
</OrchestrationStep>

These are my OrchestrationSteps sequence.

Scenarios:

If I return BlockSignIn = true, then it shows me a page with a message that my IP is blocked.

If I return BlockSignIn = false, then it gave me a Server Error with the below details. I am not sure where to check the further details.

AADB2C: An exception has occurred.

Correlation ID: 7a031ab6-0bca-4820-afd2-597b09b975b4

Timestamp: <>

If I update Orchestration step 3 to set to <Value>false</Value>, then it blocks login on returning true from API but gives a similar error on returning false from API.

<OrchestrationStep Order="3" Type="ClaimsExchange">
  <Preconditions>
    <Precondition Type="ClaimEquals" ExecuteActionsIf="true">
      <Value>BlockSignIn</Value>
      <Value>false</Value>
      <Action>SkipThisOrchestrationStep</Action>
    </Precondition>
  </Preconditions>
  <ClaimsExchanges>
    <ClaimsExchange Id="BlockUser" TechnicalProfileReferenceId="Selfasserted-Blockuser" />
  </ClaimsExchanges>
</OrchestrationStep>

I want to achieve below results:

  1. If API returns true(for BlockSignIn), then show the error page.

  2. If API returns false(for BlockSignIn), then proceed further with the next steps to log in.

Can someone guide me, please?

azure-active-directory azure-ad-b2c azure-ad-b2c-custom-policy identity-experience-framework
Original Q&A
1

There are 1 best solutions below

0
Alex On

Assuming that "BlockSignIn" is a boolean claim. Try change your precondition value True or Flase:

Eg:

<Precondition Type="ClaimEquals" ExecuteActionsIf="true">
      <Value>BlockSignIn</Value>
      <Value>True</Value>
      <Action>SkipThisOrchestrationStep</Action>
 </Precondition>

For more details please go through this link.

Related Questions in AZURE-ACTIVE-DIRECTORY

Related Questions in AZURE-AD-B2C

Related Questions in AZURE-AD-B2C-CUSTOM-POLICY

Related Questions in IDENTITY-EXPERIENCE-FRAMEWORK

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.