Menu
I have encountered a problem in creating a custom policy for Azure AD B2C authentication and would like to look in the detail of the server error with a correlation ID.
But, even if I'm logging into the B2C tenant in Powershell via Connect-AzureAD -[hoge].onmicrosoft.com", when I hit Get-AzureRmLog, it requires me to login to my Azure account of [fuga]@outlook.com (not B2C tenant) and I cannot access the subscription in B2C.
So how can I investigate errors occurred in B2C tenant? Also if there's a way to get it done without Powershell it'd be much better.
EDIT:
The error seems occurred when I try signing-in via the custom policy of the tenant. Below is the header showing the error.
582
Sign in to the Azure portal. Make sure you're using the directory that contains your Azure AD B2C tenant. Select the Directories + subscriptions icon in the portal toolbar. On the Portal settings | Directories + subscriptions page, find your Azure AD B2C directory in the Directory name list, and then select Switch.
You can debug a custom policy by sending the log entries from Azure AD B2C to Azure Application Insights as described by Azure Active Directory B2C: Collecting Logs.
A log entry contains the correlation identifier.
Note that there is a short delay (less than five minutes) before the log entries are sent.
If you don't want to wait, then you can configure the custom policy with the following settings to send the log entries from Azure AD B2C via an ngrok endpoint to your local machine:
<TrustFrameworkPolicy
PolicySchemaVersion="0.3.0.0"
TenantId="***.onmicrosoft.com"
PolicyId="B2C_1A_***"
...
DeploymentMode="Development"
UserJourneyRecorderEndpoint="https://***.ngrok.io"
... />
UPDATE: 4 April 2019
Unfortunately, support for sending the log entries to a HTTP endpoint has been deprecated, so you must use Azure Application Insights.
101
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
