White space error in Azure B2C force-password-reset-after-90-days policy validation

I’m getting the following error for the policy below:

Error:

Validation failed: 1 validation error(s) found in policy “B2C IA FORCEPASSWORDRESET90 SIGNUP SIGNIN” of tenant “example.onmicrosoft.com”.Schema validation error found at line 9 col 38 in policy “B2C IA FORCEPASSWORDRESET90 SIGNUP SIGNIN” of tenant “example.onmicrosoft.com”: The element cannot contain white space. Content model is empty.Schema validation error found at line 9 col 38 in policy “B2C IA FORCEPASSWORDRESET90 SIGNUP SIGNIN” of tenant “example.onmicrosoft.com”: The element cannot contain white space. Content model is empty.

Policy:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TrustFrameworkPolicy
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
  PolicySchemaVersion="0.3.0.0"
  TenantId="example.onmicrosoft.com"
  PolicyId="B2C_1A_ForcePasswordReset90_signup_signin"
  PublicPolicyUri="http://example.onmicrosoft.com/B2C_1A_ForcePasswordReset90_signup_signin">
  <BasePolicy>
    <TenantId>example.onmicrosoft.com</TenantId>
    <PolicyId>B2C_1A_ForcePasswordReset_TrustFrameworkExtensions</PolicyId>
  </BasePolicy>
  <RelyingParty>
    <DefaultUserJourney ReferenceId="SignInWithForcePasswordReset" />
    <TechnicalProfile Id="PolicyProfile">
      <Protocol Name="OpenIdConnect">
        <Metadata>
          <Item Key="ApplicationObjectId">00000000-0000-0000-0000-000000000000</Item>
        </Metadata>
      </Protocol>
      <DisplayName>SignIn With Force Password Reset</DisplayName>
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="displayName" />
        <OutputClaim ClaimTypeReferenceId="givenName" />
        <OutputClaim ClaimTypeReferenceId="surname" />
        <OutputClaim ClaimTypeReferenceId="email" />
        <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub"/>
        <OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" />
        <!--Sample action required: Remove following claims in production environment-->
        <OutputClaim ClaimTypeReferenceId="currentDateTime" /> 
        <OutputClaim ClaimTypeReferenceId="extension_passwordResetOn" />
        <OutputClaim ClaimTypeReferenceId="isPasswordResetOnGreaterThanNow" />
        <OutputClaim ClaimTypeReferenceId="isPasswordResetOnPresent" />
        <OutputClaim ClaimTypeReferenceId="skipPasswordReset" />
      </OutputClaims>
      <SubjectNamingInfo ClaimType="sub" />
    </TechnicalProfile>
  </RelyingParty>
</TrustFrameworkPolicy>

This is almost identical to the policy in the GitHub sample here: https://github.com/azure-ad-b2c/samples/tree/master/policies/force-password-reset-after-90-days
The specific policy: SignUpOrSignin.xml

The only differences between mine and the sample are: I had to include a Metadata node with an ApplicationObjectId to overcome a validation error. I’m using a different DefaultUserJourney/ReferenceId (which matches the one in the BasePolicy).
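
A local pre-upload check for the condition the validator reports ("cannot contain white space. Content model is empty"), added here as an example; it is not part of the original question or of the Azure sample. It assumes `Protocol` is declared with an empty content model in the policy schema; `EMPTY_ELEMENTS`, `EmptyContentChecker`, `find_non_empty` and the `BAD` fragment are hypothetical names and constructed input.

```python
import xml.sax

# Assumption: element names the policy schema declares with an empty content
# model. Only Protocol is listed here; extend the set as needed.
EMPTY_ELEMENTS = frozenset({"Protocol"})

class EmptyContentChecker(xml.sax.ContentHandler):
    """Record every listed element that has white space, text or children."""
    def __init__(self, empty_names):
        super().__init__()
        self.empty_names = empty_names
        self.stack = []      # (name, line of start tag) of the open elements
        self.findings = []   # (element, line of start tag, what it contains)

    def setDocumentLocator(self, locator):
        self.locator = locator

    def _flag(self, reason):
        # Only the innermost open element owns the content being reported.
        if self.stack and self.stack[-1][0] in self.empty_names:
            finding = self.stack[-1] + (reason,)
            if finding not in self.findings:
                self.findings.append(finding)

    def startElement(self, name, attrs):
        self._flag("child element <%s>" % name)
        self.stack.append((name, self.locator.getLineNumber()))

    def endElement(self, name):
        self.stack.pop()

    def characters(self, content):
        self._flag("white space" if content.isspace() else "text")

def find_non_empty(policy_xml, empty_names=EMPTY_ELEMENTS):
    """Return findings for elements that should be empty but are not."""
    handler = EmptyContentChecker(empty_names)
    xml.sax.parseString(policy_xml.encode("utf-8"), handler)
    return handler.findings

# Constructed fragment: Metadata is nested inside Protocol.
BAD = """<TechnicalProfile Id="PolicyProfile">
  <Protocol Name="OpenIdConnect">
    <Metadata><Item Key="ApplicationObjectId">00000000-0000-0000-0000-000000000000</Item></Metadata>
  </Protocol>
</TechnicalProfile>"""

if __name__ == "__main__":
    for name, line, reason in find_non_empty(BAD):
        print("line %d: <%s> must be empty but contains %s" % (line, name, reason))
```

The white space finding comes first because the line break after the start tag is the first content the parser meets inside the element, before any child element.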
