I can't seem to figure out how to resolve the 4 error messages.

Policy Design:

- Step 1: Combined sign-in/sign-up.
- Step 2: Social IDP login or basic sign-up.
- Step 3: Gather missing basic info (social users).
- Step 4: Address collection.
- Step 5: Create or update user (write to AAD).
- Step 6: Issue the token with claims.

**Validation failed: 4 validation error(s)**

- 2 sendClaims steps. Please specify a DefaultCpimIssuerTechnicalProfileReferenceId attribute set to the default issuer technical profile reference id. User journey "SignUpOrSignIn"
- step 3 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used. User journey "SignUpOrSignIn"
- step 4 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used. User journey "SignUpOrSignIn"
- step 5 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used. User journey 'SignUpOrSignIn'

```xml
<OrchestrationSteps>
  <OrchestrationStep Order="1"
                     Type="CombinedSignInAndSignUp"
                     ContentDefinitionReferenceId="api.signuporsignin">
    <ClaimsProviderSelections>
      <ClaimsProviderSelection TargetClaimsExchangeId="FacebookOAuthExchange" />
      <ClaimsProviderSelection TargetClaimsExchangeId="GoogleOAuthExchange" />
      <ClaimsProviderSelection TargetClaimsExchangeId="AzureADOAuthExchange" />
      <ClaimsProviderSelection TargetClaimsExchangeId="SignUpBasicExchange" />
    </ClaimsProviderSelections>
  </OrchestrationStep>
  <!-- Step 2: Process social IDP sign up or local account sign up -->
  <OrchestrationStep Order="2" Type="ClaimsExchange">
    <Preconditions>
      <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
        <Value>objectId</Value>
        <Action>SkipThisOrchestrationStep</Action>
      </Precondition>
    </Preconditions>
    <ClaimsExchanges>
      <ClaimsExchange Id="FacebookOAuthExchange"
                      TechnicalProfileReferenceId="Facebook-OAUTH" />
      <ClaimsExchange Id="GoogleOAuthExchange"
                      TechnicalProfileReferenceId="Google-OAUTH" />
      <ClaimsExchange Id="AzureADOAuthExchange"
                      TechnicalProfileReferenceId="AzureAD-OAUTH" />
      <ClaimsExchange Id="SignUpBasicExchange"
                      TechnicalProfileReferenceId="SelfAsserted-SignUp" />
    </ClaimsExchanges>
  </OrchestrationStep>
  <!-- Step 3: Self-asserted page for social users to collect any missing basic attributes -->
  <OrchestrationStep Order="3" Type="ClaimsExchange">
    <Preconditions>
      <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
        <Value>objectId</Value>
        <Action>SkipThisOrchestrationStep</Action>
      </Precondition>
    </Preconditions>
    <ClaimsProviderSelections>
      <!-- Choose the correct claims exchange for Step 3 -->
      <ClaimsProviderSelection TargetClaimsExchangeId="SelfAsserted-Social" />
    </ClaimsProviderSelections>
    <ClaimsExchanges>
      <ClaimsExchange Id="SelfAsserted-Social"
                      TechnicalProfileReferenceId="SelfAsserted-Social" />
    </ClaimsExchanges>
  </OrchestrationStep>
  <!-- Step 4: Collect address information -->
  <OrchestrationStep Order="4" Type="ClaimsExchange">
    <Preconditions>
      <Precondition Type="ClaimEquals" ExecuteActionsIf="false">
        <Value>newUser</Value>
        <Value>true</Value>
        <Action>SkipThisOrchestrationStep</Action>
      </Precondition>
    </Preconditions>
    <ClaimsProviderSelections>
      <ClaimsProviderSelection TargetClaimsExchangeId="CollectAddress" />
    </ClaimsProviderSelections>
    <ClaimsExchanges>
      <ClaimsExchange Id="CollectAddress"
                      TechnicalProfileReferenceId="SelfAsserted-Address" />
    </ClaimsExchanges>
  </OrchestrationStep>
  <!-- Step 5: Write the user to AAD (only one claims exchange to write the user) -->
  <OrchestrationStep Order="5" Type="ClaimsExchange">
    <Preconditions>
      <Precondition Type="ClaimsExist" ExecuteActionsIf="true">
        <Value>streetAddress</Value>
        <Action>SkipThisOrchestrationStep</Action>
      </Precondition>
    </Preconditions>
    <ClaimsProviderSelections>
      <ClaimsProviderSelection TargetClaimsExchangeId="AADUserWrite" />
    </ClaimsProviderSelections>
    <ClaimsExchanges>
      <ClaimsExchange Id="AADUserWrite"
                      TechnicalProfileReferenceId="AAD-UserWriteUsingAlternativeSecurityId" />
    </ClaimsExchanges>
  </OrchestrationStep>
  <!-- Step 6: Issue the token with all the collected claims -->
  <OrchestrationStep Order="6"
                     Type="SendClaims"
                     CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
</OrchestrationSteps>
```

You only use "ClaimsProviderSelection" for external IDP.
Something like gather extra info doesn't need one. That would typically be a ClaimsExchange to a self-asserted page.
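
A small pre-upload linter for the rules that surface in this thread, as an added example that is not part of the original posts and is not Microsoft's validator: it flags `ClaimsProviderSelections` placed on steps that are not selection steps, selections whose target is missing from the next step, multi-exchange steps with no selection step before them, and multiple `SendClaims` steps without a default issuer. The function names, the finding labels and the reading of "preceded" as "the previous step in `Order`" are assumptions; the sample is a condensed, constructed copy of the question's journey.

```python
import xml.etree.ElementTree as ET

SELECTION_TYPES = {"ClaimsProviderSelection", "CombinedSignInAndSignUp"}

# Constructed sample: steps 1-3 and 6 of the question's journey, condensed
SAMPLE = """<UserJourney Id="SignUpOrSignIn"><OrchestrationSteps>
 <OrchestrationStep Order="1" Type="CombinedSignInAndSignUp"><ClaimsProviderSelections>
   <ClaimsProviderSelection TargetClaimsExchangeId="FacebookOAuthExchange" />
   <ClaimsProviderSelection TargetClaimsExchangeId="SignUpBasicExchange" />
 </ClaimsProviderSelections></OrchestrationStep>
 <OrchestrationStep Order="2" Type="ClaimsExchange"><ClaimsExchanges>
   <ClaimsExchange Id="FacebookOAuthExchange" TechnicalProfileReferenceId="Facebook-OAUTH" />
   <ClaimsExchange Id="SignUpBasicExchange" TechnicalProfileReferenceId="SelfAsserted-SignUp" />
 </ClaimsExchanges></OrchestrationStep>
 <OrchestrationStep Order="3" Type="ClaimsExchange"><ClaimsProviderSelections>
   <ClaimsProviderSelection TargetClaimsExchangeId="SelfAsserted-Social" />
 </ClaimsProviderSelections><ClaimsExchanges>
   <ClaimsExchange Id="SelfAsserted-Social" TechnicalProfileReferenceId="SelfAsserted-Social" />
 </ClaimsExchanges></OrchestrationStep>
 <OrchestrationStep Order="6" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer" />
</OrchestrationSteps></UserJourney>"""

def find(elem, name):
    """Descendants by local tag name, so namespaced policy files also work."""
    return [e for e in elem.iter() if e.tag.rsplit("}", 1)[-1] == name]

def lint_journey(xml_text):
    # Input: one UserJourney element. Output: (step order, finding label) pairs.
    journey = ET.fromstring(xml_text)
    steps = sorted(find(journey, "OrchestrationStep"), key=lambda s: int(s.get("Order")))
    findings, prev_type = [], None
    for i, step in enumerate(steps):
        order, stype = step.get("Order"), step.get("Type")
        # Selections without a TargetClaimsExchangeId attribute are skipped
        targets = [t for s in find(step, "ClaimsProviderSelection") if (t := s.get("TargetClaimsExchangeId"))]
        if targets and stype not in SELECTION_TYPES:
            findings.append((order, "selection-on-non-selection-step"))
        elif targets:  # every target must be an exchange Id in the next step
            ids = {x.get("Id") for x in find(steps[i + 1], "ClaimsExchange")} if i + 1 < len(steps) else set()
            findings += [(order, "dangling-target:" + t) for t in targets if t not in ids]
        if len(find(step, "ClaimsExchange")) > 1 and prev_type not in SELECTION_TYPES:
            findings.append((order, "multiple-exchanges-without-selection"))
        prev_type = stype  # assumption: "preceded" means the previous step in Order
    if sum(s.get("Type") == "SendClaims" for s in steps) > 1 and not journey.get("DefaultCpimIssuerTechnicalProfileReferenceId"):
        findings.append(("journey", "multiple-sendclaims-without-default-issuer"))
    return findings

if __name__ == "__main__":
    for order, finding in lint_journey(SAMPLE):
        print(order, finding)
```

The linter inspects only the XML it is given; orchestration steps inherited from a base policy file are not visible to it.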