none
AD FS as IDP for AD FS combined with B2C RRS feed

  • Question

  • Hello All,

    We have configured B2C with authentication to an ADFS server. From this ADFS server there is an external ADFS server as IDP.

    Authentication from the "first" ADFS server to B2C is working fine.

    Authentication from the "first" ADFS server to the external ADFS server as IDP is working fine

    But authenticating from B2C to (first) ADFS to external ADFS server fails. 

    I get the error message below:

    MSIS9364: Cannot complete the OAuth request.  An id token is required by the request but one cannot be constructed because no Anchor claim is present. Verify the AnchorClaimType property on the associated Claims Provider Trust is set correctly.

    Kind regards,

    Bas van Straaten


    Friday, October 18, 2019 2:48 PM

All replies

  • Try setting the AnchorClaimType to the user identifier e.g. email or UPN.

    Monday, October 21, 2019 5:41 PM
    Moderator
  • Hello,

    Thanks for replying, but I have set the AnchorClaimType with the following settings:

    AnchorClaimType : http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

    Kind regards

    Bas

    Wednesday, October 23, 2019 2:52 PM
  • I knew this rang a bell!!!

    https://nzpcmad.blogspot.com/2018/02/adfs-msis9642-request-cannot-be.html

    Wednesday, October 23, 2019 5:51 PM
    Moderator
  • Hello,

    That's one of the articles I used to configure this.

    But unfortunately, I can't get it to work? 

    The first warning I get is:

    Unable to create IDToken as Anchor claim is not present. Verify the AnchorClaimType property on the associated Claims Provider Trust is set correctly.

    (Get-AdfsClaimsProviderTrust -Name "CPname").anchorclaimtype returns:
    http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

    Any ideas? 

    Kind regards

    Bas

    Friday, October 25, 2019 12:55 PM
  • Are you passing through the claim?

    "Remember that you need to pass-through this claim in the CP claims rules and the RP claims rule".

    Monday, October 28, 2019 6:00 PM
    Moderator