Reputation: 67
I followed this manual to register SAML to my Azure B2C: https://learn.microsoft.com/en-us/azure/active-directory-b2c/connect-with-saml-service-providers
With this I am able to define SAML claims in my new TechnicalProfile with, for example:
<OutputClaim ClaimTypeReferenceId="surname"/>
Now, I have an application which expects EXACTLY some attributes with a specific name. Setting PartnerClaimType to some custom string will result in a SAML attribute with that string as the attribute name:
<OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="LastName" />
This will result in:
<saml:Attribute Name="LastName"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
                FriendlyName="Surname">
  <saml:AttributeValue xsi:type="xs:string">Peters</saml:AttributeValue>
</saml:Attribute>
But I can just configure claims on that profile - I need to specify it in the app registration in Azure. So the 1st application needs attribute "surname", the next needs "FamilyName" and the 3rd needs "LastName".
How can I use the claim defined in the policy and change it in the app? I saw there is some property "optionalClaims" in the manifest and there is "saml2Token". But the documentation of this did not help me (https://learn.microsoft.com/de-de/azure/active-directory/develop/active-directory-optional-claims).
Upvotes: 0
Views: 573
Reputation: 11335
If you are connecting 3 SAML Relying Parties, you would have 3 Application Registrations, and 3 Relying Party technical profiles as part of your Custom Policy. Each Relying party section would have the required claims mappings.
Upvotes: 0
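An added illustration of the answer above (not code from either poster or from the linked documentation): the RelyingParty section of three separate relying-party policy files, one per application, each mapping the same surname claim to the attribute name that application expects. The file names and the user journey ID are assumptions; the rest of each policy file is omitted.

```xml
<!-- Added example. File names and the journey ID below are assumed placeholders. -->

<!-- File 1 (hypothetical name: SAML_App1.xml): application 1 expects "surname" -->
<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignInSAML" /> <!-- assumed journey ID -->
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="SAML2" />
    <OutputClaims>
      <!-- Name set explicitly so it does not depend on the claim type's default mapping -->
      <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="surname" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="objectId" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="objectId" ExcludeAsClaim="true" />
  </TechnicalProfile>
</RelyingParty>

<!-- File 2 (hypothetical name: SAML_App2.xml): application 2 expects "FamilyName" -->
<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignInSAML" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="SAML2" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="FamilyName" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="objectId" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="objectId" ExcludeAsClaim="true" />
  </TechnicalProfile>
</RelyingParty>

<!-- File 3 (hypothetical name: SAML_App3.xml): application 3 expects "LastName" -->
<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignInSAML" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="SAML2" />
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="LastName" />
      <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="objectId" />
    </OutputClaims>
    <SubjectNamingInfo ClaimType="objectId" ExcludeAsClaim="true" />
  </TechnicalProfile>
</RelyingParty>
```

Each application is then pointed at the policy whose mapping matches it, so the underlying surname claim is defined once and only the emitted attribute name differs per relying party.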