Azure AD Guest User Error on K2 Five: Claim mapping configuration cannot be found for this claim

  • 16 February 2021

Issue




Guest Users in Azure Active Directory receive the following error when logging in to K2 sites via AAD:



 


 




Error Code




Claim mapping configuration cannot be found for this claim. Claim information: Name='', Issuer='https://sts.windows.net/{Your Azure AD Tenant ID}/', Original Issuer='https://sts.windows.net/{Your Azure AD Tenant ID}/'. Please ensure that you have configured the K2 server as specified in K2 Help: Installation and Configuration > Configuration > SharePoint > Claims-based Authentication


 




Resolution




Add a new claim for the AAD label by following the steps below:



  1. Open the K2 Management Site and expand Authentication > Claims > Claims.

  2. Click New on the Security Label view.

  3. Select your Azure Active Directory label from the Security Label dropdown. 

  4. Select your Azure Active Directory Issuer from the dropdown.

  5. Check the Claim Type info box.

  6. Leave the Name Identity Issuer text box empty.

  7. Enter the User Token Identifier: i:0#.f|membership.

  8. Enter the Group Token Identifier: c:0-.f|rolemanager.

  9. For the Identity Provider > Original Issuer text box enter the Original Issuer value for AAD: https://sts.windows.net/{YourTenantID}/

  10. For the Identity Provider > Claim Type text box enter http://schemas.microsoft.com/identity/claims/tenantid

  11. For the Identity Provider > Claim Value text box enter your Tenant ID for AAD

  12. For the Identity > Original Issuer text box enter the Original Issuer value for AAD: https://sts.windows.net/{YourTenantID}/

  13. For the Identity > Claim Type text box enter the Claim Type value for AAD: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

  14. Click on OK.
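
The values in steps 9 to 13 can be sanity-checked against the claims a guest user's token actually carries before they are saved. The sketch below is an added example, not K2 code or part of the original article: it models the mapping as a dictionary with hypothetical field names, assumes type, issuer and value are compared as exact strings, and uses a placeholder tenant ID with constructed claim sets.

```python
# Added example: a model of the mapping entered in steps 9-13, not K2 code.
TENANT_ID = "00000000-0000-0000-0000-000000000000"  # constructed placeholder
ISSUER = f"https://sts.windows.net/{TENANT_ID}/"     # trailing slash as on the page
TENANTID_TYPE = "http://schemas.microsoft.com/identity/claims/tenantid"
EMAIL_TYPE = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"

# Field names are hypothetical labels for the text boxes in steps 9-13.
MAPPING = {
    "idp_original_issuer": ISSUER,
    "idp_claim_type": TENANTID_TYPE,
    "idp_claim_value": TENANT_ID,
    "identity_original_issuer": ISSUER,
    "identity_claim_type": EMAIL_TYPE,
}
# Same mapping with the issuer typed without its trailing slash.
MAPPING_NO_SLASH = {**MAPPING, "idp_original_issuer": ISSUER.rstrip("/"),
                    "identity_original_issuer": ISSUER.rstrip("/")}

def _values(claims, claim_type, original_issuer):
    """Values of claims matching type and original issuer (exact match assumed)."""
    return [c["value"] for c in claims
            if c["type"] == claim_type and c["original_issuer"] == original_issuer]

def check_claims(claims, mapping=MAPPING):
    """Return (identity, problems); identity is None when no usable value exists."""
    problems = []
    issuers = {c["original_issuer"] for c in claims}
    for key in ("idp_original_issuer", "identity_original_issuer"):
        want = mapping[key]
        if want not in issuers and want.rstrip("/") in {i.rstrip("/") for i in issuers}:
            problems.append(f"{key}: differs from token only by trailing slash")
    idp = _values(claims, mapping["idp_claim_type"], mapping["idp_original_issuer"])
    if mapping["idp_claim_value"] not in idp:
        problems.append("identity provider claim (tenantid) not matched")
    ident = [v.strip() for v in _values(claims, mapping["identity_claim_type"],
                                        mapping["identity_original_issuer"]) if v.strip()]
    if not ident:
        problems.append("identity claim (emailaddress) missing or empty")
    return (ident[0] if ident else None), problems

def claim(ctype, value, issuer=ISSUER):
    """Build one claim record for the constructed samples below."""
    return {"type": ctype, "value": value, "original_issuer": issuer}

# Constructed sample claim sets, not captured from a real tenant.
GUEST_OK = [claim(TENANTID_TYPE, TENANT_ID), claim(EMAIL_TYPE, "guest@example.com")]
GUEST_NO_EMAIL = [claim(TENANTID_TYPE, TENANT_ID)]

if __name__ == "__main__":
    print(check_claims(GUEST_OK))
    print(check_claims(GUEST_NO_EMAIL))
    print(check_claims(GUEST_OK, MAPPING_NO_SLASH))
```

A guest account whose token has no emailaddress claim will still fail to resolve after the mapping is added, so confirm that claim is issued for guests in your tenant.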



