IefPolicies

3.1.15

strings/Google.xml

                                <ClaimsProvider xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">

    <!-- see https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-google?pivots=b2c-custom-policy /-->

    <Domain>{{{0}:domainName}}</Domain>

    <DisplayName>Google</DisplayName>

    <TechnicalProfiles>

      <TechnicalProfile Id="Google-OAUTH2">

        <DisplayName>{{{0}:displayName}}</DisplayName>

        <Protocol Name="OAuth2" />

        <Metadata>

          <Item Key="ProviderName">google</Item>

          <Item Key="authorization_endpoint">https://accounts.google.com/o/oauth2/auth</Item>

          <Item Key="AccessTokenEndpoint">https://accounts.google.com/o/oauth2/token</Item>

          <Item Key="ClaimsEndpoint">https://www.googleapis.com/oauth2/v1/userinfo</Item>

          <Item Key="scope">email profile</Item>

          <Item Key="HttpBinding">POST</Item>

          <Item Key="UsePolicyInRedirectUri">false</Item>

          <Item Key="client_id">{{{0}:clientId}}</Item>

        </Metadata>

        <CryptographicKeys>

          <Key Id="client_secret" StorageReferenceId="B2C_1A_GoogleSecret" />

        </CryptographicKeys>

        <OutputClaims>

          <OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="id" />

          <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="email" />

          <OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_name" />

          <OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="family_name" />

          <OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name" />

          <OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="google.com" />

          <OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication" />

        </OutputClaims>

        <OutputClaimsTransformations>

          <OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName" />

          <OutputClaimsTransformation ReferenceId="CreateUserPrincipalName" />

          <OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId" />

          <OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId" />

        </OutputClaimsTransformations>

        <UseTechnicalProfileForSessionManagement ReferenceId="SM-SocialLogin" />

      </TechnicalProfile>

    </TechnicalProfiles>

  </ClaimsProvider>