https://community.appian.com/discussions/f/integrations/21498/b2c-saml-authentication-integration-errorI&#39;ve followed the steps from https://docs.microsoft.com/en-us/azure/active-directory-b2c/saml-service-provider?tabs=windows&amp;pivots=b2c-custom-policy While testing receiiving the error &quot;Application registered corresponding to IssuerUri &quot; &quot;&gt;https://xyzen-USTelligent Community 12https://community.appian.com/thread/84317?ContentTypeID=1Wed, 04 Aug 2021 11:36:15 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:02c9bf02-acec-4216-977f-a5ce6ae8f76fKarikalan Ramakrishnan<p>Done, thanks Acacio.</p><div style="clear:both;"></div>https://community.appian.com/thread/84218?ContentTypeID=1Sun, 01 Aug 2021 23:01:09 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:1fee7a9c-aa5f-4395-b423-0f833914c849Acacio Barrado<p>Hi Karikalan,</p> <p>That is a good tip, can you could you please change the status of the thread to answered so it can help more people in the future?</p> <p>Regards</p> <p>Acacio B</p><div style="clear:both;"></div>https://community.appian.com/thread/84212?ContentTypeID=1Sun, 01 Aug 2021 04:19:04 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:4061fc6f-077b-4bc2-9820-548731d50109Karikalan Ramakrishnan<p><span>&quot;The username or password provided in the request are invalid&quot; - This issue has been resolved by granting &quot;IdentityExperienceFramework&quot; (User_impersonation - Delegated Type) API permission. I could not see this solution on MS documents guidance, however this has resolved my issue. thanks.</span></p><div style="clear:both;"></div>https://community.appian.com/thread/84001?ContentTypeID=1Fri, 23 Jul 2021 22:18:22 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:0250ddf8-a42c-471b-824d-0a6e60b7301cKarikalan Ramakrishnan<p>Thanks Acacio, yes. It&#39;s set to None.</p> <p>Also I can we dont need to assign user like B2B as shown below, SAML tracer only shows the Request not Response. I&#39;ve tried registering the application both B2C Service plade and B2C Tenant AAD blade still receiving the same invalid user /pwd error. Same account has been created in B2C and Appian too.&nbsp; It looks more common error as discussed on&nbsp;<a href="https://docs.microsoft.com/en-us/answers/questions/50355/unable-to-sign-on-using-custom-policy.html">docs.microsoft.com/.../unable-to-sign-on-using-custom-policy.html</a></p> <p><img alt=" " src="/resized-image/__size/320x240/__key/communityserver-discussions-components-files/18/pastedimage1627078633050v1.png" /></p><div style="clear:both;"></div>https://community.appian.com/thread/84000?ContentTypeID=1Fri, 23 Jul 2021 22:11:56 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:a798e8ee-3c0c-4534-b2ea-6fdae4782e77Acacio Barrado<p>Quick question,&nbsp;</p> <p>Is your Authentication Method set to None?</p> <p><img src="/resized-image/__size/320x240/__key/communityserver-discussions-components-files/18/pastedimage1627078325988v1.png" alt=" " /></p><div style="clear:both;"></div>https://community.appian.com/thread/83999?ContentTypeID=1Fri, 23 Jul 2021 22:02:03 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:8512a920-83d5-45f1-b569-c00e8978cfbbKarikalan Ramakrishnan<p>Thanks Acacio, that issue has been resolved by changing to issuer id as suggested in the forum&nbsp;<a href="https://stackoverflow.com/questions/65710654/mendix-and-azure-ad-b2c-authrequest-does-not-have-assertion-consumer-service-url">https://stackoverflow.com/questions/65710654/mendix-and-azure-ad-b2c-authrequest-does-not-have-assertion-consumer-service-url</a></p> <p>However, SP sign-in page now displaying an error &quot;The username or password provided in the request are invalid&quot;. Though username and password are correct not sure why I get this error...In B2B, I used to assign the user access to registered app whereas in B2C I don&#39;t see any such option, I was wondering how system will recognize B2C local account user has access privilege to the application?&nbsp;</p> <p></p> <p>&quot;identifierUris&quot;: [<br /> "https://xyz.com"<br /> ],</p> <p></p> <p><img height="425" src="/resized-image/__size/320x240/__key/communityserver-discussions-components-files/18/pastedimage1627077532196v1.png" width="418" alt=" " /></p><div style="clear:both;"></div>https://community.appian.com/thread/83998?ContentTypeID=1Fri, 23 Jul 2021 21:53:20 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:9a852933-798e-44cb-9fd1-4b6c290678a4Acacio Barrado<p>Hi Karikalan,</p> <p>You can try to have a look in this link, perhaps this can help you to double check your configurations on the Azure side:</p> <p><a href="https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/appian-tutorial#next-steps">https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/appian-tutorial#next-steps</a></p> <p>When I got a similar error was because of the Reply URL that was not saved:</p> <p><img src="/resized-image/__size/320x240/__key/communityserver-discussions-components-files/18/pastedimage1627077168042v1.png" alt=" " /></p> <p></p> <p>But following the steps provided on the link solved my case.</p> <p>Hope that also help you.</p> <p>A.</p><div style="clear:both;"></div>https://community.appian.com/thread/83997?ContentTypeID=1Fri, 23 Jul 2021 21:35:19 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:365d9ae2-3308-4a6a-b546-6e048e415b4dKarikalan Ramakrishnan<p>Thanks Acacio, still receiving the same error without &quot;Suite&quot; on it.</p> <p>&lt;samlp:StatusMessage&gt;Application registered corresponding to IssuerUri &quot;<a href="https://xyz.com">&quot;&gt;https://xyz.com&quot;</a> <br /> in AuthRequest does not have assertion consumer service URL &quot;https://<span>xyz.com</span>/suite/saml/AssertionConsumer&quot; specified in its metadata.</p> <p>Just want to make sure my B2C IdentityExperienceFramework application registration JSON Manifest, IdentifierUris format is correct,<br />&quot;identifierUris&quot;: [<br /> "https://xyz.com/c3bcfc1c-1234-4a3b-96e6-db0933071234"<br /> ],</p> <p>Secondly, I&#39;m not getting clearly what does this mean to do in <strong><code>TrustFrameworkExtensions.xml</code></strong><span>&nbsp;</span>?&nbsp;<span>From MS Ref. doc: You can change the value of the IssuerUri metadata item in the SAML token issuer technical profile. This change will be reflected in the issuerUri attribute returned in the SAML response from Azure AD B2C. Your application should be configured to accept the same issuerUri during SAML response validation.</span></p> <p><span><span class="hljs-tag">&lt;<span class="hljs-name">Metadata</span>&gt;</span> <span class="hljs-tag">&lt;<span class="hljs-name">Item</span> <span class="hljs-attr">Key</span>=<span class="hljs-string">&quot;IssuerUri&quot;</span>&gt;</span>https://issuerUriMyAppExpects<span class="hljs-tag">&lt;/<span class="hljs-name">Item</span>&gt;</span> <span class="hljs-tag">&lt;/<span class="hljs-name">Metadata</span>&gt; should be replaced as shown below?</span></span></p> <p><span>&lt;Metadata&gt;<br /> &lt;Item Key=&quot;IssuerUri&quot;&gt;xyz.com/.../Item&gt;<br /> &lt;/Metadata&gt;</span></p> <p><span><img src="/resized-image/__size/320x240/__key/communityserver-discussions-components-files/18/pastedimage1627076165222v1.png" alt=" " /></span></p> <p><span></span></p> <p><span></span></p><div style="clear:both;"></div>https://community.appian.com/thread/83995?ContentTypeID=1Fri, 23 Jul 2021 18:33:27 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:cf356326-51df-45b0-bafb-d6c0fa974804Acacio Barrado<p>Hi Karikalan,</p> <p>Could you please check in your Admin Console if in the&nbsp;<span>Service Provider Entity ID option the URL is defined in this pattern <a href="https://xyx.appiancloud.com">https://xyx.appiancloud.com</a></span></p> <p><span>You should not include the /suite</span></p> <p><span>Regards,</span></p> <p><span>Acacio B.</span></p><div style="clear:both;"></div>