rbrayb · March 5, 2025 23:23 · rbrayb · Mar 5, 2025
diff --git a/Extensions_TOTPSMS.xml b/Extensions_TOTPSMS.xml
 <!-- For access token -->

      <TechnicalProfile Id="REST-AcquireAccessTokenForGraph">
          <DisplayName>Acquire Token</DisplayName>
          <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
          <Metadata>
            <Item Key="ServiceUrl">https://login.microsoftonline.com/tenant.onmicrosoft.com/oauth2/v2.0/token</Item>
            <Item Key="AuthenticationType">Basic</Item>
            <Item Key="SendClaimsIn">Form</Item>
          </Metadata>
          <CryptographicKeys>
            <Key Id="BasicAuthenticationUsername" StorageReferenceId="B2C_1A_MSGraphClientId" />
            <Key Id="BasicAuthenticationPassword" StorageReferenceId="B2C_1A_MSGraphClientSecret" />
          </CryptographicKeys>
          <InputClaims>
            <InputClaim ClaimTypeReferenceId="grant_type" DefaultValue="client_credentials" />
            <InputClaim ClaimTypeReferenceId="scope" DefaultValue="https://graph.microsoft.com/.default" />
          </InputClaims>
          <OutputClaims>
            <OutputClaim ClaimTypeReferenceId="bearerToken" PartnerClaimType="access_token" />
          </OutputClaims>
          <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
        </TechnicalProfile>

        <!-- Call Microsoft Graph API to get group claims-->
        <TechnicalProfile Id="REST-GetMyDetails">
          <DisplayName>Get user's details using Graph API</DisplayName>
          <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
          <Metadata>
            <Item Key="ServiceUrl">https://graph.microsoft.com/v1.0/users/{objectId}</Item>
            <Item Key="SendClaimsIn">Url</Item>
            <Item Key="AuthenticationType">Bearer</Item>
            <Item Key="UseClaimAsBearerToken">bearerToken</Item>
            <Item Key="IncludeClaimResolvingInClaimsHandling">true</Item>
            <Item Key="ClaimResolverUrlFormatting">true</Item>
            <Item Key="ResolveJsonPathsInJsonTokens">true</Item>
          </Metadata>
          <InputClaims>
            <InputClaim ClaimTypeReferenceId="objectId" /> 
            <InputClaim ClaimTypeReferenceId="bearerToken" /> 
          </InputClaims>
          <OutputClaims>
            <OutputClaim ClaimTypeReferenceId="graph_displayName" PartnerClaimType="displayName" />
            <OutputClaim ClaimTypeReferenceId="graph_mail" PartnerClaimType="mail" />
            <OutputClaim ClaimTypeReferenceId="id" />            
          </OutputClaims>
          <UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
        </TechnicalProfile>
	<!-- For access token -->

	<TechnicalProfile Id="REST-AcquireAccessTokenForGraph">
	<DisplayName>Acquire Token</DisplayName>
	<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
	<Metadata>
	<Item Key="ServiceUrl">https://login.microsoftonline.com/tenant.onmicrosoft.com/oauth2/v2.0/token</Item>
	<Item Key="AuthenticationType">Basic</Item>
	<Item Key="SendClaimsIn">Form</Item>
	</Metadata>
	<CryptographicKeys>
	<Key Id="BasicAuthenticationUsername" StorageReferenceId="B2C_1A_MSGraphClientId" />
	<Key Id="BasicAuthenticationPassword" StorageReferenceId="B2C_1A_MSGraphClientSecret" />
	</CryptographicKeys>
	<InputClaims>
	<InputClaim ClaimTypeReferenceId="grant_type" DefaultValue="client_credentials" />
	<InputClaim ClaimTypeReferenceId="scope" DefaultValue="https://graph.microsoft.com/.default" />
	</InputClaims>
	<OutputClaims>
	<OutputClaim ClaimTypeReferenceId="bearerToken" PartnerClaimType="access_token" />
	</OutputClaims>
	<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
	</TechnicalProfile>

	<!-- Call Microsoft Graph API to get group claims-->
	<TechnicalProfile Id="REST-GetMyDetails">
	<DisplayName>Get user's details using Graph API</DisplayName>
	<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.RestfulProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
	<Metadata>
	<Item Key="ServiceUrl">https://graph.microsoft.com/v1.0/users/{objectId}</Item>
	<Item Key="SendClaimsIn">Url</Item>
	<Item Key="AuthenticationType">Bearer</Item>
	<Item Key="UseClaimAsBearerToken">bearerToken</Item>
	<Item Key="IncludeClaimResolvingInClaimsHandling">true</Item>
	<Item Key="ClaimResolverUrlFormatting">true</Item>
	<Item Key="ResolveJsonPathsInJsonTokens">true</Item>
	</Metadata>
	<InputClaims>
	<InputClaim ClaimTypeReferenceId="objectId" />
	<InputClaim ClaimTypeReferenceId="bearerToken" />
	</InputClaims>
	<OutputClaims>
	<OutputClaim ClaimTypeReferenceId="graph_displayName" PartnerClaimType="displayName" />
	<OutputClaim ClaimTypeReferenceId="graph_mail" PartnerClaimType="mail" />
	<OutputClaim ClaimTypeReferenceId="id" />
	</OutputClaims>
	<UseTechnicalProfileForSessionManagement ReferenceId="SM-Noop" />
	</TechnicalProfile>