Debugging Role Mapping?
Hi. We're switching SSO things around to an Azure B2C setup, and it's all working EXCEPT for Role Mapping.
Previous, Role Mapping was configured in:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role
Apparently w/ B2C restrictions, we had to use a different path, so I mapped to that:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/extension_role
Is there any way to debug to see what value is being passed in here when a user signs in? We *think* it's passing "Employee" (which would match the Employee role). But, we don't know what's wrong so we're looking for a way to verify.
Take a look at SAML-Tracer browser addon. There are flavors of it for Firefox and Chrome. It should let you see what you're looking for. Just be sure to switch to the SAML or Summary tabs after the resources load.
https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/
https://chrome.google.com/webstore/detail/saml-tracer/mpdajninpobndbfcldcmbpnnbhibjmch
