Muokkaa

Jaa


StringCollection claims transformations

This article provides examples for using the string collection claims transformations of the Identity Experience Framework schema in Azure Active Directory B2C (Azure AD B2C). For more information, see claims transformations.

AddItemToStringCollection

Adds a string claim to a new unique values stringCollection claim. Check out the Live demo of this claims transformation.

Element TransformationClaimType Data Type Notes
InputClaim Element string The ClaimType to be added to the output claim.
InputClaim collection stringCollection The string collection to be added to the output claim. If the collection contains items, the claims transformation copies the items, and adds the item to the end of the output collection claim.
OutputClaim collection stringCollection The ClaimType that is produced after this claims transformation has been invoked, with the value specified in the input claim.

Use this claims transformation to add a string to a new or existing stringCollection. It's commonly used in a AAD-UserWriteUsingAlternativeSecurityId technical profile. Before a new social account is created, CreateOtherMailsFromEmail claims transformation reads the ClaimType and adds the value to the otherMails ClaimType.

Example of AddItemToStringCollection

The following claims transformation adds the email ClaimType to otherMails ClaimType.

<ClaimsTransformation Id="CreateOtherMailsFromEmail" TransformationMethod="AddItemToStringCollection">
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="email" TransformationClaimType="item" />
    <InputClaim ClaimTypeReferenceId="otherMails" TransformationClaimType="collection" />
  </InputClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="otherMails" TransformationClaimType="collection" />
  </OutputClaims>
</ClaimsTransformation>
  • Input claims:
    • collection: ["someone@outlook.com"]
    • item: "admin@contoso.com"
  • Output claims:
    • collection: ["someone@outlook.com", "admin@contoso.com"]

AddParameterToStringCollection

Adds a string parameter to a new unique values stringCollection claim. Check out the Live demo of this claims transformation.

Element TransformationClaimType Data Type Notes
InputClaim collection stringCollection The string collection to be added to the output claim. If the collection contains items, the claims transformation copies the items, and adds the item to the end of the output collection claim.
InputParameter Element string The value to be added to the output claim.
OutputClaim collection stringCollection The ClaimType that is produced after this claims transformation has been invoked, with the value specified in the input parameter.

Example of AddParameterToStringCollection

The following example adds a constant email address (admin@contoso.com) to the otherMails claim.

<ClaimsTransformation Id="SetCompanyEmail" TransformationMethod="AddParameterToStringCollection">
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="otherMails" TransformationClaimType="collection" />
  </InputClaims>
  <InputParameters>
    <InputParameter Id="item" DataType="string" Value="admin@contoso.com" />
  </InputParameters>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="otherMails" TransformationClaimType="collection" />
  </OutputClaims>
</ClaimsTransformation>
  • Input claims:
    • collection: ["someone@outlook.com"]
  • Input parameters
    • item: "admin@contoso.com"
  • Output claims:
    • collection: ["someone@outlook.com", "admin@contoso.com"]

GetSingleItemFromStringCollection

Gets the first item from the provided string collection. Check out the Live demo of this claims transformation.

Element TransformationClaimType Data Type Notes
InputClaim collection stringCollection The ClaimTypes that are used by the claims transformation to get the item.
OutputClaim extractedItem string The ClaimTypes that are produced after this ClaimsTransformation has been invoked. The first item in the collection.

Example of GetSingleItemFromStringCollection

The following example reads the otherMails claim and returns the first item into the email claim.

<ClaimsTransformation Id="CreateEmailFromOtherMails" TransformationMethod="GetSingleItemFromStringCollection">
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="otherMails" TransformationClaimType="collection" />
  </InputClaims>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="email" TransformationClaimType="extractedItem" />
  </OutputClaims>
</ClaimsTransformation>
  • Input claims:
    • collection: ["someone@outlook.com", "someone@contoso.com"]
  • Output claims:
    • extractedItem: "someone@outlook.com"

StringCollectionContains

Checks if a StringCollection claim type contains an element. Check out the Live demo of this claims transformation.

Element TransformationClaimType Data Type Notes
InputClaim inputClaim stringCollection The claim to be searched.
InputParameter item string The value to search.
InputParameter ignoreCase string Specifies whether this comparison should ignore the case of the strings being compared.
OutputClaim outputClaim boolean The ClaimType that is produced after this ClaimsTransformation has been invoked. A boolean indicator if the collection contains such a string

Example of StringCollectionContains

Following example checks whether the roles stringCollection claim type contains the value of admin.

<ClaimsTransformation Id="IsAdmin" TransformationMethod="StringCollectionContains">
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="roles" TransformationClaimType="inputClaim"/>
  </InputClaims>
  <InputParameters>
    <InputParameter  Id="item" DataType="string" Value="Admin"/>
    <InputParameter  Id="ignoreCase" DataType="string" Value="true"/>
  </InputParameters>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="isAdmin" TransformationClaimType="outputClaim"/>
  </OutputClaims>
</ClaimsTransformation>
  • Input claims:
    • inputClaim: ["reader", "author", "admin"]
  • Input parameters:
    • item: "Admin"
    • ignoreCase: "true"
  • Output claims:
    • outputClaim: "true"

StringCollectionContainsClaim

Checks if a StringCollection claim type contains a claim value. Check out the Live demo of this claims transformation.

Element TransformationClaimType Data Type Notes
InputClaim collection stringCollection The claim to be searched.
InputClaim item string The claim type that contains the value to search.
InputParameter ignoreCase string Specifies whether this comparison should ignore the case of the strings being compared.
OutputClaim outputClaim boolean The ClaimType that is produced after this ClaimsTransformation has been invoked. A boolean indicator if the collection contains such a string

Example of StringCollectionContainsClaim

Following example checks whether the roles stringCollection claim type contains the value of the role claim type.

<ClaimsTransformation Id="HasRequiredRole" TransformationMethod="StringCollectionContainsClaim">
  <InputClaims>
    <InputClaim ClaimTypeReferenceId="roles" TransformationClaimType="collection" />
    <InputClaim ClaimTypeReferenceId="role" TransformationClaimType="item" />
  </InputClaims>
  <InputParameters>
    <InputParameter Id="ignoreCase" DataType="string" Value="true" />
  </InputParameters>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="hasAccess" TransformationClaimType="outputClaim" />
  </OutputClaims>
</ClaimsTransformation> 
  • Input claims:
    • collection: ["reader", "author", "admin"]
    • item: "Admin"
  • Input parameters:
    • ignoreCase: "true"
  • Output claims:
    • outputClaim: "true"

Next steps