Problem description
Setting up a custom policy in Azure AD B2C to connect to an ADFS Identity Provider. This requires a SAML metadata endpoint as specified in the documentation at the link below.
The error encountered is:
AADB2C90022: Unable to return metadata for the policy [my-policy] in tenant [my-tenant].onmicrosoft.com.
and is being encountered when I go to the endpoint:
https://login.microsoftonline.com/te/[my-tenant].onmicrosoft.com/[my-policy]/samlp/metadata?idptp=[my-technical-profile]
I have tried making the request from the b2clogin.com endpoint with the same result as above.
I have also tried using my tenantId GUID in place of [my-tenant].onmicrosoft.com which resulted in the exact same result.
Recommended answer
Re-visit the process by which you created the certificate, uploaded it to your 'Policy Keys' and referenced it in your custom policy files.
My scenario was similar: I had the same error and no output via Application Insights / Journey Recorder. I had tried to avoid using 'makecert.exe' and instead used another SSC generation tool. This simply did not work, I think because the private key was not being incorporated in the certificate file.
This guide has been invaluable, see also this test facility
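The answer points at a certificate file that did not carry its private key. The following is an added example, not code from the original post, showing one way to generate a self-signed certificate on Windows and check whether an exported file contains the private key before it is uploaded to Policy Keys. The subject name, file paths and the `Test-CertFileHasPrivateKey` helper are constructed placeholders.

```powershell
# Constructed placeholders: subject name, file paths and password prompt.
$subject  = 'CN=b2c-saml-signing.example'
$pfxPath  = Join-Path $env:TEMP 'b2c-saml-signing.pfx'
$cerPath  = Join-Path $env:TEMP 'b2c-saml-signing.cer'
$password = Read-Host -AsSecureString -Prompt 'Password for the PFX'

# Self-signed certificate with an exportable RSA private key.
$cert = New-SelfSignedCertificate -Subject $subject `
    -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable `
    -KeyUsage DigitalSignature -NotAfter (Get-Date).AddMonths(12) `
    -CertStoreLocation 'Cert:\CurrentUser\My'

# PFX carries certificate plus private key; CER carries the certificate only.
Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $password | Out-Null
Export-Certificate    -Cert $cert -FilePath $cerPath | Out-Null

# Hypothetical helper: load a certificate file and report whether a private key came with it.
function Test-CertFileHasPrivateKey {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [securestring] $Password
    )
    $loaded = if ($Password) {
        [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($Path, $Password)
    } else {
        [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($Path)
    }
    try {
        [pscustomobject]@{
            File          = Split-Path $Path -Leaf
            Thumbprint    = $loaded.Thumbprint
            HasPrivateKey = $loaded.HasPrivateKey
        }
    } finally {
        $loaded.Reset()   # release the key material held by the loaded object
    }
}

# Check both files; a file without a private key is the failure case the answer describes.
Test-CertFileHasPrivateKey -Path $pfxPath -Password $password
Test-CertFileHasPrivateKey -Path $cerPath

# Remove the test certificate from the user store once the PFX has been exported.
Remove-Item -Path "Cert:\CurrentUser\My\$($cert.Thumbprint)"
```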