This is the situation, Azure AD B2C custom policy: There are 2 types of passwords for my users, LongTermPasswords and temporary passwords. Long term passwords must have at least 12 characters, and they follow a regular expression. Temporary passwords have at most 11 characters, and they don't follow a regular expression.

This is the algorithm so far:

if password matches regex => is long term password
if password doesn't match regex => is temporary password

It is very important to know if the password is long term or temporary (a temporary password must follow a different flow). So I have created the following ClaimsTransformation:
<ClaimsTransformation Id="CheckIfLongTermPwd" TransformationMethod="SetClaimsIfRegexMatch">
  <InputClaims>
    <!-- Claim whose value is tested against the regex -->
    <InputClaim ClaimTypeReferenceId="password" TransformationClaimType="claimToMatch" />
  </InputClaims>
  <InputParameters>
    <InputParameter Id="matchTo" DataType="string" Value="__pwdRegEx__" />
    <InputParameter Id="outputClaimIfMatched" DataType="string" Value="password" />
  </InputParameters>
  <OutputClaims>
    <OutputClaim ClaimTypeReferenceId="copiedPassword" TransformationClaimType="outputClaim" />
    <!-- Boolean result of the regex comparison -->
    <OutputClaim ClaimTypeReferenceId="isLongTermPwd" TransformationClaimType="regexCompareResultClaim" />
  </OutputClaims>
</ClaimsTransformation>
From the basic claims, password is defined as usual:
<ClaimType Id="password">
  <DisplayName>Password</DisplayName>
  <DataType>string</DataType>
  <UserHelpText>Enter password</UserHelpText>
  <UserInputType>Password</UserInputType>
</ClaimType>
And then it breaks in the technical profile "LocalAccountSignUpWithLogonEmail", when I call the output claim transformation CheckIfLongTermPwd.
However, with a little debugging, I found out that if Password in password is String, it works, but unfortunately the user can see the password when he/she is typing it.
Any ideas on how to solve this?
B2C doesn't allow you to play with passwords; it is impossible to copy the password, for security reasons. Therefore, this can't be done and I need to look for another solution.