Reputation: 118
Setting up a custom policy in Azure AD B2C to connect to an ADFS Identity Provider. This requires a SAML metadata endpoint as specified in the documentation at the link below.
The error being encountered is:
AADB2C90022: Unable to return metadata for the policy [my-policy] in tenant [my-tenant].onmicrosoft.com.
and is being encountered when I go to the endpoint:
https://login.microsoftonline.com/te/[my-tenant].onmicrosoft.com/[my-policy]/samlp/metadata?idptp=[my-technical-profile]
I have tried making the request from the b2clogin.com endpoint with the same result as above.
I have also tried using my tenantId GUID in place of [my-tenant].onmicrosoft.com, with exactly the same result.
Upvotes: 0
Views: 3003
Reputation: 136
Re-visit the process by which you created the certificate, uploaded it to your 'Policy Keys' and referenced it in your custom policy files.
My scenario was similar, I had the same error and no output via Application Insights / Journey Recorder. I had tried to avoid using 'makecert.exe' and instead used another SSC generation tool. This simply did not work, I think because the private key was not being incorporated in the certificate file.
This guide has been invaluable; see also this test facility.
Upvotes: 0
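The answer's diagnosis is that the certificate file uploaded to 'Policy Keys' did not carry its private key. As an added example (not code from the question, the answer, or Microsoft's documentation), the following PowerShell creates a self-signed signing certificate with an exportable private key, exports it as a PFX, and then checks the exported file the way B2C will see it: loaded from disk, with `HasPrivateKey` confirming the key is actually inside the PFX. The subject name, output path and password prompt are assumptions.

```powershell
# Added example (not from the original question or answer): create a self-signed
# signing certificate whose private key is exportable, export it as a PFX for
# upload to the B2C 'Policy Keys' blade, and verify the PFX really carries the
# private key before uploading. Subject name, file path and password are assumptions.

$subject = "CN=b2c-saml-signing.my-tenant.onmicrosoft.com"   # assumed subject
$pfxPath = Join-Path $PWD "b2c-saml-signing.pfx"             # assumed output path
$pfxPass = Read-Host -AsSecureString -Prompt "PFX password"  # never hard-code it

# KeyExportPolicy Exportable is the part that matters: without it the private key
# cannot leave the Windows key store and the PFX would hold only the public cert.
$cert = New-SelfSignedCertificate `
    -Subject $subject `
    -KeyAlgorithm RSA `
    -KeyLength 2048 `
    -KeyExportPolicy Exportable `
    -KeyUsage DigitalSignature `
    -NotAfter (Get-Date).AddMonths(12) `
    -CertStoreLocation "Cert:\CurrentUser\My"

Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pfxPass | Out-Null

# Check the exported file as B2C will see it: load it from disk, not from the store.
$check = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
    -ArgumentList $pfxPath, $pfxPass

if (-not $check.HasPrivateKey) {
    throw "PFX '$pfxPath' contains no private key; B2C will not be able to sign with it."
}

"Thumbprint : $($check.Thumbprint)"
"NotAfter   : $($check.NotAfter)"
"Private key: present"

# Remove the copy (and its key container) from the local store once the PFX is
# verified, so the only signing key left is the one you upload to the tenant.
Remove-Item -Path ("Cert:\CurrentUser\My\" + $cert.Thumbprint) -DeleteKey
```

Upload the verified PFX under Identity Experience Framework > Policy Keys with the "Upload" option and the same password; B2C prefixes the key name you choose with `B2C_1A_`, and that full name is what the technical profile's `CryptographicKeys` entry must reference in its `StorageReferenceId`. If the check above throws, the tool that produced the certificate did not include the private key, which matches the failure mode the answer describes.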