When uploading the B2C example policies, all policies are succesfull except for the following

https://github.com/Azure-Samples/active-directory-verifiable-credentials/blob/main/B2C/policies/SignupOrSigninVCQ.xml

Validation failed: 2 validation error(s) found in policy "B2C_1A_VC_SUSIQ" of tenant "XXXXXX.onmicrosoft.com".User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susiq" of tenant "XXXXXX.onmicrosoft.com" has step 7 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used.User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susiq" of tenant "XXXXXX.onmicrosoft.com" has step 8 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used.User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susiq" of tenant "XXXXXX.onmicrosoft.com" has step 7 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used.User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susiq" of tenant "XXXXXX.onmicrosoft.com" has step 8 with 2 claims exch...

https://github.com/Azure-Samples/active-directory-verifiable-credentials/blob/main/B2C/policies/SignUpVCOrSignin.xml

Validation failed: 2 validation error(s) found in policy "B2C_1A_VC_SUSI_ISSUEVC" of tenant "XXXXXX".User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susi_issuevc" of tenant "XXXXXX" has step 7 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used.User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susi_issuevc" of tenant "XXXXXX" has step 8 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used.User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susi_issuevc" of tenant "XXXXXX.onmicrosoft.com" has step 7 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used.User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susi_issuevc" of tenant "XXXXXXt...

Are there steps missing that would fix these errors? The other samples were updated \ uploaded without issue.

Create the REST API key in the portal
The Technical Profile REST-VC-PostIssuanceClaims, that is used during VC innuance during user signup, is configured to use an api-key for security. Therefor, create a Policy Key in the B2C portal with the name RestApiKey and manually set the key value to something unique. You need to add this value to the sample app's appSettings file also.

Case:

I have created api key (signature type) B2C_1A_RestApiKey in b2c portal and have set some unique value. Also in sample code , appsettings.json file has been updated as "B2C1ARestApiKey": "B2C_1A_RestApiKey".
Now while doing sign up using B2C_1A_VC_SUSIQ policy , I am getting error but user is getting created in Azure AD B2C without verifiable credential.

Error:
AADB2C90027: Basic credentials specified for 'REST-VC-PostIssuanceClaims' are invalid. Check that the credentials are correct and that access has been granted by the resource.

Kindly help.

In the documentation there are wrong links to Samples gallery.

https://github.com/Azure-Samples/active-directory-verifiable-credentials/tree/main/B2C#deploy-one-of-the-samples-and-verify-that-work-with-the-sample-vcs

Hello,

I have tried setting up the verifiable credentials service by following the steps from the document (Tutorial - Configure your tenant for Azure AD Verifiable Credentials (preview) | Microsoft Docs). I was able to setup the python repo (Azure-Samples/active-directory-verifiable-credentials-python: A code sample demonstrating how to use Azure Active Directory's preview functionality to issue and consume verifiable credentials. (github.com)) successfully in the azure ubuntu vm, but when I tried scanning the QR code using MS Authenticator, I am getting Forbidden error. Here are the logs. Kindly help me in resolving the issue as early as possible.

App details:
App version: 6.2202.0982
App version code: 202209820
ADAL version: 4.0.1
MSAL version: 3.0.1
Broker version: 4.0.3

        Device details:
        Android version: 12
        Android build: samsung/r8qxxx/r8q:12/SP1A.210812.016/G781BXXS4DVA2:user/release-keys
        Device name: r8q
        Device ID: SP1A.210812.016
        Device manufacturer: samsung
        Device model: SM-G781B
        Device display: SP1A.210812.016.G781BXXS4DVA2
        Device brand: samsung
        Device hardware: qcom
        Locale: en_GB 

ACCOUNTS
None
2022-02-23 04:03:03,806 WARN/ADAL: [Telemetry] [2022-02-23 04:03:03 - thread_name : main, correlation_id : UNSET] Android 31 Telemetry is disabled because the Telemetry context or configuration is null Logger$2.log()@211 [pool-18-thread-1]
2022-02-23 04:03:03,881 INFO/App: FCM REGISTRATION IDS: legacyMsaAndAadToken: , msaFcmToken: , currentAadFcmToken: , previousAadFcmToken: CollectLogsUtils.printDeviceTokens()@370 [main]
2022-02-23 04:03:03,881 INFO/App: isDosPreventerAvailable: false CollectLogsUtils.printDeviceTokens()@378 [main]
2022-02-23 04:03:03,882 INFO/App: Scheduling FCM token refresh work. FcmRegistrationManager.schedulePeriodicFcmTokenRefreshIfNecessary()@111 [main]
2022-02-23 04:03:03,883 INFO/App: No need to schedule a daily FCM token refresh worker. FcmRegistrationManager.scheduleFcmTokenDailyRetryRefreshIfNecessary()https://github.com/96 [main]
2022-02-23 04:03:04,143 INFO/App: App restriction sharedDeviceMode: false LaunchActivity.queryIsSharedDeviceModeAppRestrictionSet()@74 [main]
2022-02-23 04:03:04,144 INFO/App: App restriction SharedDeviceTenantId: LaunchActivity.queryIsSharedDeviceModeAppRestrictionSet()@75 [main]
2022-02-23 04:03:04,180 INFO/App: FCM token refresh worker started. FcmTokenRefreshWorker.doWork()https://github.com/70 [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,181 INFO/App: FCM REGISTRATION IDS: legacyMsaAndAadToken: , msaFcmToken: , currentAadFcmToken: , previousAadFcmToken: CollectLogsUtils.printDeviceTokens()@370 [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,181 INFO/App: isDosPreventerAvailable: false CollectLogsUtils.printDeviceTokens()@378 [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,181 INFO/App: Returning FCM token for AAD = FcmRegistrationManager.getCachedAadFcmToken()@66 [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,182 INFO/App: Setup MFA FCM for PROD environment. FirebaseNotificationsWrapper.getFirebaseAppForAad()https://github.com/60 [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,189 INFO/App: Try to acquire AAD FCM registration token. FcmRegistrationManager$acquireFcmTokenForAad$2.invokeSuspend()@194 [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,282 INFO/App: Returning FCM token for AAD = FcmRegistrationManager.getCachedAadFcmToken()@66 [main]
2022-02-23 04:03:04,283 INFO/App: hasDosPreventer = false AccountStorageCustomQueries.hasMfaAccountsConfiguredForNotifications()@99 [main]
2022-02-23 04:03:04,285 INFO/App: Processed BrooklynFRE args showCelebratoryDialog : false, showPhoneSigninMsg :false AccountListFragment.processFREArguments()@448 [main]
2022-02-23 04:03:04,287 INFO/App: Merging broker accounts into accounts list BrokerAccountUseCase$mergeBrokerAccounts$2.invokeSuspend()@84 [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,336 INFO/Broker: [KeyMigrationBroadcaster:migrateKeyIfNeeded] [2022-02-23 04:03:04 - thread_name : main, correlation_id : UNSET] Android 31 KEY_MIGRATION_BROADCASTER| Called by: AUTHENTICATOR_APP_LAUNCH | This is not an active broker. ThreadPoolExecutor$Worker.run()@641 [pool-18-thread-1]
2022-02-23 04:03:04,354 INFO/App: onResume MainActivity.onResume()https://github.com/262 [main]
2022-02-23 04:03:04,381 INFO/Broker: [com.microsoft.identity.client.api.BrokerApiController] [2022-02-23 04:03:04 - thread_name : DefaultDispatcher-worker-4, correlation_id : UNSET] Android 31 Broker Strategies added : ContentProviderStrategy, AccountManagerUpdateCredentialStrategy, ThreadPoolExecutor$Worker.run()@641 [pool-18-thread-1]
2022-02-23 04:03:04,381 INFO/Broker: [BrokerOperationExecutor:getBrokerAccounts] [2022-02-23 04:03:04 - thread_name : DefaultDispatcher-worker-4, correlation_id : UNSET] Android 31 Executing with IIpcStrategy: ContentProviderStrategy ThreadPoolExecutor$Worker.run()@641 [pool-18-thread-1]
2022-02-23 04:03:04,384 INFO/Broker: [com.microsoft.identity.common.internal.broker.ipc.ContentProviderStrategyBROKER_API_HELLO] [2022-02-23 04:03:04 - thread_name : DefaultDispatcher-worker-4, correlation_id : UNSET] Android 31 Request to BrokerContentProvider for uri path /brokerApi/hello ThreadPoolExecutor$Worker.run()@641 [pool-18-thread-1]
2022-02-23 04:03:04,624 INFO/Broker: [com.microsoft.identity.common.internal.broker.ipc.ContentProviderStrategyBROKER_API_HELLO] [2022-02-23 04:03:04 - thread_name : DefaultDispatcher-worker-4, correlation_id : UNSET] Android 31 Received successful result from Broker Content Provider. ThreadPoolExecutor$Worker.run()@641 [pool-18-thread-1]
2022-02-23 04:03:04,625 INFO/Broker: [com.microsoft.identity.common.internal.result.MsalBrokerResultAdapter:verifyHelloFromResultBundle] [2022-02-23 04:03:04 - thread_name : DefaultDispatcher-worker-4, correlation_id : UNSET] Android 31 Able to establish the connect, the broker protocol version in common is [2.0] ThreadPoolExecutor$Worker.run()@641 [pool-18-thread-1]
2022-02-23 04:03:04,626 INFO/Broker: [com.microsoft.identity.common.internal.broker.ipc.ContentProviderStrategyBROKER_API_GET_BROKER_ACCOUNTS] [2022-02-23 04:03:04 - thread_name : DefaultDispatcher-worker-4, correlation_id : UNSET] Android 31 Request to BrokerContentProvider for uri path /brokerApi/getBrokerAccounts ThreadPoolExecutor$Worker.run()@641 [pool-18-thread-1]
2022-02-23 04:03:04,752 INFO/App: Is Fingerprint Available: true AppLockModule.fetchAppLockStatus()@75 [mqt_native_modules]
2022-02-23 04:03:04,753 INFO/App: Is Face Available: true AppLockModule.fetchAppLockStatus()@75 [mqt_native_modules]
2022-02-23 04:03:04,754 INFO/App: Is Iris Available: false AppLockModule.fetchAppLockStatus()@75 [mqt_native_modules]
2022-02-23 04:03:04,765 INFO/App: isAuthenticatorBroker: false BatteryOptimizationModule.configureBatteryOptimizationPreference()@34 [mqt_native_modules]
2022-02-23 04:03:04,765 INFO/App: companyPortalVersionCode: 5312669 BatteryOptimizationModule.configureBatteryOptimizationPreference()https://github.com/35 [mqt_native_modules]
2022-02-23 04:03:04,777 INFO/App: isBrokerIgnoringBatteryOptimizations: false BatteryOptimizationModule.configureBatteryOptimizationPreference()@48 [mqt_native_modules]
2022-02-23 04:03:05,140 INFO/App: Total number of broker accounts: 1 BrokerAccountUseCase$mergeBrokerAccounts$2.invokeSuspend()https://github.com/88 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,140 INFO/Broker: [com.microsoft.identity.common.internal.broker.ipc.ContentProviderStrategyBROKER_API_GET_BROKER_ACCOUNTS] [2022-02-23 04:03:05 - thread_name : DefaultDispatcher-worker-4, correlation_id : UNSET] Android 31 Received successful result from Broker Content Provider. ThreadPoolExecutor$Worker.run()@641 [pool-18-thread-1]
2022-02-23 04:03:05,141 INFO/App: Total number of all accounts: 0 BrokerAccountUseCase.setAccountInfoForMatchingAadAccount()@119 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,141 INFO/App: Did not find a match. BrokerAccountUseCase.setAccountInfoForMatchingAadAccount()@141 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,141 INFO/App: Total number of all accounts: 0 BrokerAccountUseCase.setAccountInfoForMatchingAadAccount()@119 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,141 INFO/App: Did not find a match. BrokerAccountUseCase.setAccountInfoForMatchingAadAccount()@141 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,250 INFO/App: Refreshed AAD v1 token trimmed: 6UJzz46mvs FcmRegistrationManager$acquireFcmTokenForAad$2.invokeSuspend()https://github.com/210 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,251 INFO/App: Enqueuing MFA change device token work. spreadAcrossFiveDays = true FcmRegistrationManager$acquireFcmTokenForAad$2.invokeSuspend()https://github.com/223 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,252 INFO/App: Initial delay in hours = 50, Same in days = 2.0833333333333335") FcmRegistrationManager$acquireFcmTokenForAad$2.invokeSuspend()https://github.com/223 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,253 INFO/App: MFA change token work enqueued FcmRegistrationManager$acquireFcmTokenForAad$2.invokeSuspend()@224 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,253 INFO/App: FCM REGISTRATION IDS: legacyMsaAndAadToken: , msaFcmToken: , currentAadFcmToken: 6UJzz46mvs, previousAadFcmToken: CollectLogsUtils.printDeviceTokens()@370 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,254 INFO/App: isDosPreventerAvailable: false CollectLogsUtils.printDeviceTokens()@378 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,254 INFO/App: Returning FCM token for MSA = FcmRegistrationManager.getCachedMsaFcmToken()https://github.com/57 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,254 INFO/App: Setup MSA FCM for PROD environment FirebaseNotificationsWrapper.getFirebaseAppForMsa()@36 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,258 INFO/App: Try to acquire MSA FCM registration token for MSA. FcmRegistrationManager$acquireFcmTokenForMsa$2.invokeSuspend()@133 [DefaultDispatcher-worker-4]
2022-02-23 04:03:05,324 INFO/App: A new auto generated token received: wurtN6a8r7. It's not going to be used. FcmListenerService.onNewToken()@48 [Firebase-Messaging-Intent-Handle]
2022-02-23 04:03:05,353 INFO/App: FCM update work is currently running, so no need to schedule second attempt. FcmListenerService.onNewToken()https://github.com/56 [Firebase-Messaging-Intent-Handle]
2022-02-23 04:03:05,708 INFO/App: User agreed to privacy terms. MainActivityViewModel.onPrivacyConsentAgreed()@138 [main]
2022-02-23 04:03:05,727 INFO/App: Determining if calling package is a recent valid install referrer:
Installed At = 1645587227
Current Time = 1645588985
Referring App = utm_source=google-play&utm_medium=organic InstallReferrerApi.onInstallReferrerSetupFinished()@47 [main]
2022-02-23 04:03:05,728 INFO/App: Install referrer calculation completed, determined from too long ago InstallReferrerApi.onInstallReferrerSetupFinished()@76 [main]
2022-02-23 04:03:06,000 INFO/App: Refreshed MSA v1 token trimmed: dcP1eodjCS FcmRegistrationManager$acquireFcmTokenForMsa$2.invokeSuspend()https://github.com/150 [DefaultDispatcher-worker-5]
2022-02-23 04:03:06,001 INFO/App: FCM REGISTRATION IDS: legacyMsaAndAadToken: , msaFcmToken: dcP1eodjCS, currentAadFcmToken: 6UJzz46mvs, previousAadFcmToken: CollectLogsUtils.printDeviceTokens()@370 [DefaultDispatcher-worker-5]
2022-02-23 04:03:06,001 INFO/App: isDosPreventerAvailable: false CollectLogsUtils.printDeviceTokens()@378 [DefaultDispatcher-worker-5]
2022-02-23 04:03:06,002 INFO/App: FCM token refresh worker finished. FcmTokenRefreshWorker.doWork()@73 [DefaultDispatcher-worker-5]
2022-02-23 04:03:06,423 INFO/App: Navigating to add account by scanning QR code. FirstRunSignInFragment$onViewCreated$$inlined$apply$lambda$3.onClick()@119 [main]
2022-02-23 04:03:06,443 INFO/App: Initiate camera permission request. ScanQrCodeFragment.onViewCreated()@68 [main]
2022-02-23 04:03:08,049 INFO/App: Camera permission was granted. ScanQrCodeFragment$onCreate$1.onActivityResult()@30 [main]
2022-02-23 04:03:08,050 INFO/App: onRequestPermissionsResult: requestCode = 1886613268 MainActivity.onRequestPermissionsResult()@405 [main]
2022-02-23 04:03:08,050 ERROR/App: Unknown request. MainActivity.onRequestPermissionsResult()@434 [main]
2022-02-23 04:03:08,051 INFO/App: onResume MainActivity.onResume()https://github.com/262 [main]
2022-02-23 04:03:09,542 INFO/App: Received a result from QR code scan. DecoratedBarcodeView$WrappedCallback.barcodeResult()@49 [main]
2022-02-23 04:03:09,544 INFO/App: Handling QR code scanning status: Success(qrResult=openid://vc/?request_uri=https://beta.did.msidentity.com/v1.0/2e3e7b44-8e2d-4c0a-9d26-695f083df548/verifiablecredentials/request/75901faf-7bca-4c1e-9713-2484d1dcb9e7) ScanUnknownQrCodeManager.handleQrCodeScanStatus()@52 [main]
2022-02-23 04:03:09,546 INFO/App: Handling successful QR code scan result. ScanUnknownQrCodeManager.handleQrCodeScanStatus()@58 [main]
2022-02-23 04:03:09,546 INFO/App: Handling QR Code result for a DID account QrCodeHandlerVc.handleQrCodeResult()https://github.com/35 [main]
2022-02-23 04:03:30,689 WARN/App: File not found: authenticator.1.txt CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,689 WARN/App: File not found: broker.1.txt CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,690 WARN/App: File not found: DID.1.txt CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,690 WARN/App: File not found: brooklyn.1.txt CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,690 WARN/App: File not found: experimentation.1.txt CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,691 WARN/App: File not found: authenticator.txt1 CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,691 WARN/App: File not found: broker.txt1 CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,691 WARN/App: File not found: brooklyn.txt1 CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,692 WARN/App: File not found: DID.txt1 CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:30,692 WARN/App: File not found: experimentation.txt1 CollectLogsUtils.readFileFromInternalStorage()@144 [AsyncTask https://github.com/Azure-Samples/active-directory-verifiable-credentials-python/pull/1]
2022-02-23 04:03:03,891 DEBUG/Brooklyn: Brooklyn module disabled [main]
2022-02-23 04:03:03,892 DEBUG/Brooklyn: Enterprise deny list refresh periodic worker scheduled. [main]
2022-02-23 04:03:04,178 DEBUG/Brooklyn: EnterpriseDenyListRefreshWorker worker started. [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,234 DEBUG/Brooklyn: Number of denyListsToRefresh to refresh : 0 [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,243 DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,244 DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,244 DEBUG/Brooklyn: Brooklyn saved state is 2 and current state is ALLOW [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,244 DEBUG/Brooklyn: Heuristics component is initialized. [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,244 DEBUG/Brooklyn: Brooklyn module enabled [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,244 DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,261 DEBUG/Brooklyn: EnterpriseDenyListRefreshWorker worker completed. Time taken : 0.081 seconds. [DefaultDispatcher-worker-4]
2022-02-23 04:03:04,288 DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,289 DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,290 DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-3]
2022-02-23 04:03:04,172 INFO/Experimentation: Starting experimentation worker request to TAS [DefaultDispatcher-worker-2]

Thanks in advance.

Hi, is it possible to use the android emulator from Visual Studio to test the demo ?

Also any ETA on Iphone support

The following line in /issuer/app.js breaks for me:
req.session.issueRequest = await requestBuilder.build().create();
The error leads to the QR code not being generated. Any idea what's wrong? Seems like it's a bug in the SDK and something is going wrong with signing the request?

Full error log:

(node:62578) UnhandledPromiseRejectionWarning: TypeError: Key is not of type 'CryptoKey'
    at SubtleCryptoKeyVault.checkCryptoKey (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/webcrypto-core/build/webcrypto-core.js:893:19)
    at SubtleCryptoKeyVault.sign (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/webcrypto-core/build/webcrypto-core.js:762:14)
    at SubtleCryptoExtension.signByKeyStore (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/verifiablecredentials-crypto-sdk-typescript-plugin/dist/lib/SubtleCryptoExtension.js:53:40)
    at JwsToken.sign (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/verifiablecredentials-crypto-sdk-typescript-protocol-jose/dist/lib/jws/JwsToken.js:382:40)
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
    at async Jose.sign (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/verifiablecredentials-crypto-sdk-typescript/dist/lib/Jose.js:52:23)
    at async Requestor.create (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/verifiablecredentials-verification-sdk-typescript/dist/lib/api_oidc_request/Requestor.js:70:27)
    at async exports.issueRequest (/Users/mathiasklenk/passbase-dev/credential-issuer/src/controller/credentialIssuerController.js:76:30)
(Use `node --trace-warnings ...` to show where the warning was created)
(node:62578) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 2)
(node:62578) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
(node:62578) UnhandledPromiseRejectionWarning: TypeError: Key is not of type 'CryptoKey'
    at SubtleCryptoKeyVault.checkCryptoKey (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/webcrypto-core/build/webcrypto-core.js:893:19)
    at SubtleCryptoKeyVault.sign (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/webcrypto-core/build/webcrypto-core.js:762:14)
    at SubtleCryptoExtension.signByKeyStore (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/verifiablecredentials-crypto-sdk-typescript-plugin/dist/lib/SubtleCryptoExtension.js:53:40)
    at JwsToken.sign (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/verifiablecredentials-crypto-sdk-typescript-protocol-jose/dist/lib/jws/JwsToken.js:382:40)
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
    at async Jose.sign (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/verifiablecredentials-crypto-sdk-typescript/dist/lib/Jose.js:52:23)
    at async Requestor.create (/Users/mathiasklenk/passbase-dev/credential-issuer/node_modules/verifiablecredentials-verification-sdk-typescript/dist/lib/api_oidc_request/Requestor.js:70:27)
    at async exports.issueRequest (/Users/mathiasklenk/passbase-dev/credential-issuer/src/controller/credentialIssuerController.js:76:30)

I have tested successfully idtokenhint demo and I am trying unsucessfully attestation verifiable credentials type , similar to the Woodgrave Employee Onboarding Demo, is this code available in c#?

I can request the issuance of the VC but Authenticator doesn't request the user to Present a verifiable credential in order to issue one, thus the issuance of the VC doesn't get authorized.

Meaning in my case I need the Authenticator to request the VerifiedCredentialExpert VC first but I don't see how to trigger this on Authenticator, I tried this on issuance_request_config.json file, I also tried adding requestedCredentials to type VerifiedCredentialExpert as you see below to suggest to Authenticator to get this first, but didn't change the error behaviour:

     "callback": {
       //In this sample code we will overwrite the callback and use the HOSTNAME dynamicall
       //make sure you use ngrok or something like that when running on a local devbox. 
       //The MS AAD VC Request service needs to be able to reach the callback URI
       "url": "https://YOURPUBLICREACHABLEHOSTNAME/api/issuer/issuanceCallback",
       "state": "STATEWILLBESETINCODE",
       "headers": {
         "api-key": "OPTIONAL API-KEY for ISSUANCE CALLBACK API"
       }
     },
     //The Authority is the DID from your MS AAD Verifiable Credential service, you can copy this from the VC page in azure portal
     "authority": "did:ion: THIS IS YOUR DID FROM THE VC PAGE IN AZURE PORTAL WHICH IS SET IN THE SAMPLE BY COPYING THE VALUE FROM APPSETTINGS.JSON   ",
     "registration": {
       "clientName": "Verifiable Test Register Verifiable Credential"
     },
     //The type needs to be the same as defined in the rules json definitione. The manifest can be copied after the credential has been
     //created in the azure portal
     "type": "VerifiedTestRegistration",
     "manifest": "CREDENTIAL URL IN THIS SAMPLE WILL BE COPIED FROM APPSETTINGS.JSON",
     //Recommendation is to protect issuance payload with a PIN code. 
     //The pincode is set to a random value in code and will be displayed in the UI to the user
     "pin": {
       "value": "123456",
       "length": 4
     },
     //This is an example payload which will be used in the rules file of the credential.
     //The rules files maps information from the ID Token (hint) to the VC
     "claims": {
       "country_of_registry": "",
       "registration_number": "",
     },
     //You can request multiple verifiable credentials at once that's whty the requestCredentials is an array
     "requestedCredentials": [
       {
         "type": "VerifiedCredentialExpert",
         "purpose": "Required presentation of verifiable credentials expert to get Test Registration card.",
         //You can trust multiple issuers who might be issuing the same credential type (for example certifications or diplomas)
         //You need to specify at least 1 trusted issuer DID, for this sample code we copy the IssuerAuthority from appsettings to the request
         //"acceptedIssuers": [ "did:ion: copied from your VC portal in this sample the code copies it from APPSETTINGS.JSON" ]
         "acceptedIssuers": [ "theaccepetedidissuer" ]
       }
      
     ]
   }

These are the display and rules:

`  Display definition
           {
             "locale": "en-US",
             "card": {
               "title": "Test Verified Credential",
               "issuedBy": "TheIssuer",
               "backgroundColor": "#000000",
               "textColor": "#ffffff",
               "logo": {
                 "uri": "https://domain.com/image.png",
                 "description": "Test  Verified Credential"
               },
               "description": "Use this card to verify."
             },
             "consent": {
               "title": "Do you want to get your Test Verified Credential?",
               "instructions": "Sign in with your Verified Credential Expert Card to get your card."
             },
             "claims": [
               {
                 "claim": "$.vc.country_of_registry",
                 "label": "Country of Registry",
                 "type": "String"
               },
               {
                 "claim": "$.vc.registration_number",
                 "label": "Registration Number",
                 "type": "String"
               }
             ]
           }
          
           Rules definition
           {
           "attestations": {
             "presentations": [
               {
                 "mapping": [
                   {
                     "outputClaim": "firstName",
                     "required": true,
                     "inputClaim": "$.vc.credentialSubject.given_name",
                     "indexed": false
                   },
                   {
                     "outputClaim": "lastName",
                     "required": true,
                     "inputClaim": "$.vc.credentialSubject.family_name",
                     "indexed": false
                   }
                 ],
                 "required": true,
                 "credentialType": "VerifiedCredentialExpert",
                 "contracts": [
                   "https://verifiedid.did.msidentity.com/v1.0/tenants/id/verifiableCredentials/contracts/abcd/manifest"
                 ],
                 "trustedIssuers": [
                   "did:ion:thedid"
                 ]
               }
             ],
             "idTokenHints": [
               {
                 "mapping": [
                   {
                     "outputClaim": "countryOfRegistry",
                     "required": true,
                     "inputClaim": "$.country_of_registry",
                     "indexed": false
                   },
                   {
                     "outputClaim": "registrationNumber",
                     "required": true,
                     "inputClaim": "$.registration_number",
                     "indexed": true
                   }
                 ],
                 "required": true
               }
             ]
           },
           "validityInterval": 2592000,
           "vc": {
             "type": [
               "VerifiedTestRegistration"
             ]
           }
         }`


I am testing on iphone12 pro latest iOS version installed.

[Question as posted in the git project](https://github.com/Azure-Samples/active-directory-verifiable-credentials-dotnet/issues/41) and [MSFT Community](https://learn.microsoft.com/en-us/answers/questions/1121432/is-attestation-verifiable-credentials-type-repo-de.html) but unfortunately got no help.

Thank you for your help, Sergio

Hi,

I'm curious to know what and how the APIs and communications between apps are being invoked in the sample app. I suppose the following sequence of calls between apps are being taken place for issuing VC:

1. Click Get Credential button -> QR Code is generated -> "issue-request" (in app.js) is invoked.
2. Scan QR Code in Microsoft Authenticator -> Authenticator "GET" "issue-request.jwt" in "app.js"
3. Authenticator access the Verifiable Credentials "rules" and "display" -> Prompt for "Sign-in" according to the "attestations.idTokens.configuration" specified in the rules file.
4. Sign in -> return "SUCCESS" or "FAILURE" to Microsoft Authenticator per the authentication service specified in "configuration". (Is it done through OAuth 2.0?)
5. Display the "Add" button in Microsoft Authenticator if "SUCCESS".
6. Click "Add" -> Verifiable Credential added to the Wallet.

Here are my questions:

1. What type of service is required for Sign In by Microsoft Authenticator for issuing with Verifiable Credential? Any OAuth 2.0?
2. Is there a DID generated by AD Verifiable Credentials and written to ION for the requester? If so, when and how is the DID of the requester being written to the ION network?
3. When and how the Verifiable Credential of the requester is being generated and written to the ION network?
4. Will a new Verifiable Credential generated for each request from the same requester? I suppose not. If not, how the previously generated VC is retrieved and passed to Authenticator? If yes, why?

Could you please help?

Cheers,
Jason

When I scan the QR code from Microsoft Authenticator app, I see the following error - "Invalid activation barcode". Any inputs on how to resolve this would be appreciated.

Also, on a different note, is it possible to configure and run this solution locally without using Azure AD?

Regards,
Sham

Hi, I tried to run the sample app (both issuer and verifier) on my cloud Ubuntu instance (http://mydomain). I can access the Issuance and Verification page through http://mydomain:8081 and http://mydomain:8082 respectively (both Issuance and Verification are run in Docker container).

However, I can never get through to the "Sign In" screen in Authenticator after scanning the QR code for Issuance. I have to start "ngrok" to make it work. What do I need to do in order to make it work on my cloud Ubuntu instance without using "ngrok"? Make it "https://mydomain:8081" instead of "http://mydomain:8081"? If so, how?

Thanks for the help.

Cheers,
Jason

After scanning the QR code with MS Authenticator to get the ninja card, the following error was output.
Could you please tell me the possible causes?

12-07 06:05:13:350 UTC DEBUG/Brooklyn: No Microsoft AAD account present [main]
12-07 06:05:13:353 UTC DEBUG/Brooklyn: Brooklyn current state saved to DENY [main]
12-07 06:05:13:354 UTC DEBUG/Brooklyn: Configure Brooklyn Enterprise controls called [main]
12-07 06:05:13:404 UTC DEBUG/Brooklyn: No Microsoft AAD account present [main]
12-07 06:05:13:405 UTC DEBUG/Brooklyn: Brooklyn current state saved to DENY [main]
12-07 06:05:13:405 UTC DEBUG/Brooklyn: Configure Brooklyn Enterprise controls called [main]
12-07 06:05:13:458 UTC DEBUG/Brooklyn: No Microsoft AAD account present [main]
12-07 06:05:13:459 UTC DEBUG/Brooklyn: Brooklyn current state saved to DENY [main]
12-07 06:05:13:459 UTC DEBUG/Brooklyn: Configure Brooklyn Enterprise controls called [main]

App details:
App version: 6.2011.7755
App version code: 202077550
ADAL version: 3.1.0
Broker version: 3.3.8

Device details:
Android version: 11
Android build: google/sdk_gphone_x86/generic_x86_arm:11/RSR1.201013.001/6903271:user/release-keys
Device name: generic_x86_arm
Device ID: RSR1.201013.001
Device manufacturer: Google
Device model: sdk_gphone_x86
Device display: RSR1.201013.001
Device brand: google
Device hardware: ranchu
Locale: en_US

ACCOUNTS
None

0

I used "https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/createIssuanceRequest" api to generate my QR Code Response is

{
"requestId": "799f23ea-5241-45af-99ad-cf8e5018814e",
"url": "openid://vc?request_uri=https://verifiedid.did.msidentity.com/v1.0/12345678-0000-0000-0000-000000000000/verifiableCredentials/request/178319f7-20be-4945-80fb-7d52d47ae82e",
"expiry": 1622227690,
"qrCode": "data:image/png;base64,iVBORw0KggoA"
}

but the issue is my QRcode get expire in 5 mins ?

any help on this.....

When uploading SignUpVCorSignin.xml policy, Azure Identity Experience Framework raises a number of errors

• the BasePolicy PolicyId appears to B2C_1A_VC_TrustFrameworkExtensions instead of B2C_1A_TrustFrameworkExtensionsVC
• the Orchestration Steps are 1, 2, 7, 8, 9 instead of 1, 2, 3, 4, 5
• finally after fixing the above, I get the following error

Validation failed: 1 validation error(s) found in policy "B2C_1C_VC_ISSUEVC" of tenant . User journey "SignUpOrSignIn" in policy "B2C_1A_VC_susi_issuevc" of tenant has step 3 with 2 claims exchanges. It must be preceded by a claims provider selection in order to determine which claims exchange can be used.

I have a couple questions about Issuing and Verifying using AD and the Authenticator.

1. Why do the verifier needs to know the secret when verifying a VC? I'm asking because on this video it seems like we only need to check the DID (from ION/Bitcoin) to make sure the credential is properly signed, no?

2. If I want to simulate a web portal where the employee is already logged in but want to issue a credential to add to his Authenticator, it seems redundant that the authenticator asks for the sign in... Can't we just issue the credential through the issue request?

3. What if I don't want to use OpenID standard at all to issue a VC. Like in the Alice/Contoso University scenario video -- How could I do that with my DID and add it to the Authenticator? Btw is this demo open sourced? Does it work with the authenticator?

Thank you very much and sorry if I'm posting these questions since they are not real issues. I'm adding it here since I could not find any proper place on aka.ms/didfordevs

Run node ./generate.js to generate a new DID for website and create keys in your Key Vault mentioned here: https://github.com/Azure-Samples/active-directory-verifiable-credentials/tree/main/verifier

When I try to validate a given credential (successfully stored in wallet) I can see in the backend that Authenticator calls presentation-request.jwt and gets the token. But then it says as below "DecodingError - unableToDecodeToken".

Where can I begin to troubleshoot this?

ERRO VerifiableCredential 0 TID=1 79 (fetchFromUrl(url:)) Error: Error: VCNetworking.DecodingError code: 0 Message: Failed to get the presentation request Properties: ["Line": "79", "Message": "Failed to get the presentation request", "Function": "fetchFromUrl(url:)", "CorrelationVector": "jvgvxzaoTiygyTOkIv/Sdw.0", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/VerifiableCredentialWallet/ViewModel/RequestProcessorViewModel.swift", "Error": "Error: VCNetworking.DecodingError code: 0"]
2021-05-18 11:40:35.320 INFO VerifiableCredential 0 TID=1 141 (stopTrackCurrentMeasuredEvent()) DIDPresentationRequest properties: ["HasFailed": "true", "CorrelationVector": "jvgvxzaoTiygyTOkIv/Sdw.0", "DIDFirstTimeOnBoarding": "false", "DIDSource": "QRScanner"]
2021-05-18 11:40:35.322 VERB VerifiableCredential 0 TID=1 266 (navigateUsing(navigationBlock:)) navigateUsing: view had not appeared CorrelationVector: jvgvxzaoTiygyTOkIv/Sdw.0
2021-05-18 11:40:35.449 VERB VerifiableCredential 0 TID=1 90 (configure()) Showing error page with unableToDecodeToken details:Error: VCNetworking.DecodingError code: 0 CorrelationVector: jvgvxzaoTiygyTOkIv/Sdw.0

I deployed the code outside, however after clicking on get Credentials, getting the following error:

"Cannot read property '3' of undefined"
at:
qrcode.makeCode(message);

"issue-request" is 200 but response "message" is index.html

Locally this step works fine.

Hello Team,

Following the Verifiable Credentials B2C Sample here https://github.com/Azure-Samples/active-directory-verifiable-credentials/blob/main/B2C/README.md

I have updated the selfasserted.html file with the path (in Azure Storage) of qrcode.min.js. But none of the following B2C policies render the QRCode when the user journey is run. This means a verifiable credential can neither be issued nor verified.

B2C_1A_SIGNINMFA_VC
B2C_1A_SIGNIN_VC
B2C_1A_SIGNUP_SIGNIN_VC
B2C_1A_VC_SUSIQ
B2C_1A_VC_SUSI_ISSUEVC
However, there are no issues loading the QR code when hitting the app endpoint directly via localhost or using ngrok. Only seems to happen when going via Azure B2C.

Following the steps from here https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/issue-verify-verifiable-credentials-your-tenant.

1. Step 1 works fine
2. For step 2 (Using own Azure AD)- Authenticator keeps giving the following error while getting credential:

Authenticator Error:
Error Code: invalidSignature
Error Details: Error..
VCEntities:PresentationRequestValidationError
Code 2

Logs from Authenticator:
2021-04-14 13:11:51.102 INFO VerifiableCredential 0 TID=1 62 (init(cardUseCase:settings:cameraPermissionValidator:correlationHeader:telemetryClient:)) DIDTableViewInitialLoad properties: ["Count": "1", "CorrelationVector": ""]2021-04-14 13:11:57.068 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Line": "55", "Message": "Correlation Vector for VCNetworking.FetchPresentationRequestOperation: oHaL8D6HTXWiCbRiY2svsQ.1", "Function": "fire()", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift", "CorrelationVector": "oHaL8D6HTXWiCbRiY2svsQ.1"]2021-04-14 13:11:57.367 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Message": "Correlation Vector for VCNetworking.FetchDIDDocumentOperation: oHaL8D6HTXWiCbRiY2svsQ.2", "Function": "fire()", "Line": "55", "CorrelationVector": "oHaL8D6HTXWiCbRiY2svsQ.2", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift"]2021-04-14 13:11:58.267 ERRO VerifiableCredential 0 TID=1 79 (fetchFromUrl(url:)) Error: Error: VCEntities.PresentationRequestValidatorError code: 2 Message: Failed to get the presentation request Properties: ["Function": "fetchFromUrl(url:)", "Message": "Failed to get the presentation request", "Error": "Error: VCEntities.PresentationRequestValidatorError code: 2", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/VerifiableCredentialWallet/ViewModel/RequestProcessorViewModel.swift", "CorrelationVector": "oHaL8D6HTXWiCbRiY2svsQ.2", "Line": "79"]2021-04-14 13:11:58.269 INFO VerifiableCredential 0 TID=1 141 (stopTrackCurrentMeasuredEvent()) DIDPresentationRequest properties: ["CorrelationVector": "oHaL8D6HTXWiCbRiY2svsQ.2", "DIDSource": "QRScanner", "HasFailed": "true", "DIDFirstTimeOnBoarding": "false"]2021-04-14 13:11:58.269 VERB VerifiableCredential 0 TID=1 261 (navigateUsing(navigationBlock:)) navigateUsing: view had appeared previously CorrelationVector: oHaL8D6HTXWiCbRiY2svsQ.22021-04-14 13:11:58.288 VERB VerifiableCredential 0 TID=1 90 (configure()) Showing error page with invalidSignature details:Error: VCEntities.PresentationRequestValidatorError code: 2 CorrelationVector: oHaL8D6HTXWiCbRiY2svsQ.22021-04-14 13:14:29.545 VERB VerifiableCredential 0 TID=1 90 (configure()) Showing error page with invalidSignature details:Error: VCEntities.PresentationRequestValidatorError code: 2 CorrelationVector: oHaL8D6HTXWiCbRiY2svsQ.22021-04-14 13:14:33.722 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Function": "fire()", "Line": "55", "Message": "Correlation Vector for VCNetworking.FetchPresentationRequestOperation: zRbSMpxmQvy05HaCqf2Etg.1", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift", "CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.1"]2021-04-14 13:14:33.926 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Line": "55", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift", "CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.2", "Message": "Correlation Vector for VCNetworking.FetchDIDDocumentOperation: zRbSMpxmQvy05HaCqf2Etg.2", "Function": "fire()"]2021-04-14 13:14:34.491 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Line": "55", "Function": "fire()", "Message": "Correlation Vector for VCNetworking.FetchDIDDocumentOperation: zRbSMpxmQvy05HaCqf2Etg.3", "CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.3", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift"]2021-04-14 13:14:34.599 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Line": "55", "Function": "fire()", "Message": "Correlation Vector for VCNetworking.FetchWellKnownConfigDocumentOperation: zRbSMpxmQvy05HaCqf2Etg.4", "CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.4", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift"]2021-04-14 13:14:35.278 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Message": "Correlation Vector for VCNetworking.FetchContractOperation: zRbSMpxmQvy05HaCqf2Etg.5", "Function": "fire()", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift", "Line": "55", "CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.5"]2021-04-14 13:14:37.289 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Line": "55", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift", "Function": "fire()", "Message": "Correlation Vector for VCNetworking.FetchDIDDocumentOperation: zRbSMpxmQvy05HaCqf2Etg.6", "CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.6"]2021-04-14 13:14:37.568 INFO VerifiableCredential 0 TID=1 55 (fire()) ["File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift", "Line": "55", "CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.7", "Message": "Correlation Vector for VCNetworking.FetchWellKnownConfigDocumentOperation: zRbSMpxmQvy05HaCqf2Etg.7", "Function": "fire()"]2021-04-14 13:14:38.609 VERB VerifiableCredential 0 TID=1 261 (navigateUsing(navigationBlock:)) navigateUsing: view had appeared previously CorrelationVector: zRbSMpxmQvy05HaCqf2Etg.72021-04-14 13:17:40.326 INFO VerifiableCredential 0 TID=1 71 (performAction()) DIDLinkedDomainsFailureContinueTapped properties: ["CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.7"]2021-04-14 13:35:30.360 INFO VerifiableCredential 0 TID=1 141 (stopTrackCurrentMeasuredEvent()) DIDIssuanceRequest properties: ["LinkedDomainsStatus": "linkedDomainUnverified", "DIDCountOfSelfIssuedRequested": "0", "DIDCountOfVCRequested": "0", "CorrelationVector": "zRbSMpxmQvy05HaCqf2Etg.7", "DIDIsCancelled": "true", "DIDFirstTimeOnBoarding": "false", "DIDSource": "QRScanner", "DIDCountOfIdTokenRequested": "1"]2021-04-14 15:15:43.779 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Line": "55", "CorrelationVector": "rbiCiQQARoOEpiQMWC5RRQ.1", "Message": "Correlation Vector for VCNetworking.FetchPresentationRequestOperation: rbiCiQQARoOEpiQMWC5RRQ.1", "Function": "fire()", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift"]2021-04-14 15:15:44.000 INFO VerifiableCredential 0 TID=1 55 (fire()) ["Line": "55", "CorrelationVector": "rbiCiQQARoOEpiQMWC5RRQ.2", "Message": "Correlation Vector for VCNetworking.FetchDIDDocumentOperation: rbiCiQQARoOEpiQMWC5RRQ.2", "Function": "fire()", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/Submodules/VerifiableCredential-SDK-iOS/VCNetworking/VCNetworking/operations/NetworkOperation.swift"]2021-04-14 15:15:44.516 ERRO VerifiableCredential 0 TID=1 79 (fetchFromUrl(url:)) Error: Error: VCEntities.PresentationRequestValidatorError code: 2 Message: Failed to get the presentation request Properties: ["Function": "fetchFromUrl(url:)", "CorrelationVector": "rbiCiQQARoOEpiQMWC5RRQ.2", "Line": "79", "Error": "Error: VCEntities.PresentationRequestValidatorError code: 2", "File": "/Users/runner/work/1/s/PhoneFactor/VerifiableCredentialWallet/VerifiableCredentialWallet/ViewModel/RequestProcessorViewModel.swift", "Message": "Failed to get the presentation request"]2021-04-14 15:15:44.517 INFO VerifiableCredential 0 TID=1 141 (stopTrackCurrentMeasuredEvent()) DIDPresentationRequest properties: ["DIDSource": "QRScanner", "CorrelationVector": "rbiCiQQARoOEpiQMWC5RRQ.2", "HasFailed": "true", "DIDFirstTimeOnBoarding": "false"]2021-04-14 15:15:44.518 VERB VerifiableCredential 0 TID=1 261 (navigateUsing(navigationBlock:)) navigateUsing: view had appeared previously CorrelationVector: rbiCiQQARoOEpiQMWC5RRQ.22021-04-14 15:15:44.558 VERB VerifiableCredential 0 TID=1 90 (configure()) Showing error page with invalidSignature details:Error: VCEntities.PresentationRequestValidatorError code: 2 CorrelationVector: rbiCiQQARoOEpiQMWC5RRQ.22021-04-14 15:39:21.092 VERB VerifiableCredential 0 TID=1 90 (configure()) Showing error page with invalidSignature details:Error: VCEntities.PresentationRequestValidatorError code: 2 CorrelationVector: rbiCiQQARoOEpiQMWC5RRQ.2

For some reason the example app is written in plain JS, not TS. So, there's no type verification.

Looks like the type for RequestorBuilder constructor call https://github.com/Azure-Samples/active-directory-verifiable-credentials/blob/main/issuer/app.js#L86 does not match at all to the type in the SDK: https://github.com/microsoft/VerifiableCredentials-Verification-SDK-Typescript/blob/cadc9c787315662d561a32e7c83c22c2983f9f95/lib/api_oidc_request/RequestorBuilder.ts

When I've debugged the application and checked how the payload is populated https://github.com/microsoft/VerifiableCredentials-Verification-SDK-Typescript/blob/cadc9c787315662d561a32e7c83c22c2983f9f95/lib/api_oidc_request/Requestor.ts#L49 - sure enough, it was full of undefineds.

Even if the application works somehow, it's a terribly confusing example, since the code is obviously incorrect.

On top of that, even the field naming in that new RequestorBuilder call is very weird: schema.uri is set to credentialType (which is an array), but issuance[0].manifest is set to an URL. Something is definitely amiss here.

I followed the main aka.ms/didfordevs guides and everything worked. I went further a little bit by trying to add custom attributes in my Azure AD to issue my Verifiable Credentials with extra info.

I can see that my id token has my custom attribute:

{
// ...
  "extn.dateOfBirth": [
    "1990-01-01"
  ],
  "family_name": "Ribeiro",
  "given_name": "Leo",
// ...
}

My VCs configs are:

// vc-rules.json
    "mapping": {
          "firstName": { "claim": "given_name" },
          "lastName": { "claim": "family_name" },
          "dateOfBirth": { "claim": "extn.dateOfBirth" },
    }

// vc-display.json
    "claims": {
      "vc.credentialSubject.firstName": {
        "type": "String",
        "label": "First name"
      },
      "vc.credentialSubject.lastName": {
        "type": "String",
        "label": "Last name"
      },
      "vc.credentialSubject.dateOfBirth": {
        "type": "String",
        "label": "Date of Birth"
      },

When trying to issue my VC I actually get an error in the Authenticator:

Error Code: unableToDecodeToken

Error Details: Error: VCNetworking.DecodingError
code: 0

Showing error page with unableToDecodeToken details:Error: VCNetworking.DecodingError code: 0 CorrelationVector: S1skSkl9S4uEEC0O70mcmw.8

I believe the error is because my custom attribute is being returned as an array of string as opposed to a string.

It's a little bit weird because I setup the dateOfBirth claim as a string, but Azure AD returns it as an array, and I found this: https://social.msdn.microsoft.com/Forums/azure/en-US/1d656d13-8893-4387-859e-6786bba8d086/optional-custom-claim-in-jwt-idtoken-appearing-as-array-not-string?forum=WindowsAzureAD

So it seems like it's expected and the suggestion is to handle it that way (according to above thread).

Question is: how can we handle it to make Authenticator work? Do we have a String[] type perhaps?

Another question that I have, seeing the documentation it looks like we can only issue attributes from the following inputs:

• OpenID
• Other VCs
• Self attested
• Static

Is there any way that I can just issue a VC from my server, with the attributes that I know the user has, and add it to Authenticator without going through the OpenID login inside the authenticator? (It seems redundant to me if the user is already logged in my dashboard and I want to issue a VC to him... Do we have any tutorials with this scenario?)

Following the steps from here:

https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/issue-verify-verifiable-credentials-your-tenant

and calling this URL:
.../issue-request

But running into following issue:

Could not retrieve {"keyReference":"#.....","type":"key","remoteKeyReference":"issuerSigningKeyIon-..............d"}. Error: RestError: The policy requires the caller 'appid=53.....f;oid=......;iss=https://sts.windows.net/*.....*/' to use on-behalf-of (OBO) flow. For more information on OBO, please see https://go.microsoft.com/fwlink/?linkid=2152310
This seems like a key vault access issue, although proper steps were followed. Maybe the error above gives the proper clue.

I removed the values from the URL in the above response.

The following error was displayed while checking the operation using the emulator.
I tried changing the host to 10.0.2.2 but that didn't solve.

Below is the emulator I tried.

I would appreciate if you could tell me if there are any settings required to check the operation using the emulator.

Reference Doc:
https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/verifiable-credentials-configure-verifier
I am using sample code,
git clone [email protected]:Azure-Samples/active-directory-verifiable-credentials-dotnet.git

Here, after setting up required configuration it is generating QR code and once successfully scanned it asked for manual code.
Post this once I click "Add" in authenticator app it is throwing error instead of credential added success message.
Error message in authenticator app:
Unhandled ExceptionField 'exp' is required, but it was missing.

Please help and advise.

Following steps from Here:
https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/issue-verify-verifiable-credentials-your-tenant

while try test the issuer (issue the verifiable credential) , at Add a credential screen -->after sign in to my account and after accept the consent, getting below error after
Troubleshooting details If you contact your administrator, send this info to them.
Copy info to clipboard Copied
Request Id: a6bf36d1-28b5-4be0-91f3-e6bfdb6c4900
Correlation Id: 4af1f2ff-5abe-47c6-b5dc-81fcd0b39928
Timestamp: 2021-06-07T14:11:54Z
Message: AADSTS500113: No reply address is registered for the application.
Flag sign-in errors for review: Enable flagged

I haven't set the reply URI during the app registration in Azure AD, can you please suggest

When trying to create a new credential in the Verified ID -> Create credential -> Custom Credential UI the example display and rules files for B2C on this sample (https://github.com/Azure-Samples/active-directory-verifiable-credentials/tree/main/B2C) do not seem to be valid any longer.

Example Display Definition:

{
    "default": {
      "locale": "en-US",
      "card": {
        "title": "Verified B2C Expert 2",
        "issuedBy": "MyOrgName",
        "backgroundColor": "#B8CEC1",
        "textColor": "#ffffff",
        "logo": {
          "uri": "https://mystorage.blob.core.windows.net/images/VerifiedCredentialExpert_icon.png",
          "description": "Logo"
        },
        "description": "Use your verified credential card to prove you are a B2C user."
      },
      "consent": {
        "title": "Do you want to get your B2C VC card?",
        "instructions": "Sign in with your account to get your card."
      },
      "claims": {
        "vc.credentialSubject.firstName": {
          "type": "String",
          "label": "First name"
        },
        "vc.credentialSubject.lastName": {
          "type": "String",
          "label": "Last name"
        },
        "vc.credentialSubject.oid": {
          "type": "String",
          "label": "oid"
        },
        "vc.credentialSubject.tid": {
          "type": "String",
          "label": "tid"
        },
        "vc.credentialSubject.displayName": {
          "type": "String",
          "label": "displayName"
        },
        "vc.credentialSubject.username": {
          "type": "String",
          "label": "username"
        }
      }
    }
  }

Example Rules file definition:

{
  "vc": {
    "type": [ "Verified B2C Expert 2" ]
  },
  "validityInterval": 2592000,
  "attestations": {
    "idTokens": [
      {
        "mapping": {
          "displayName": { "claim": "name" },
          "oid": { "claim": "oid" },
          "tid": { "claim": "tid" },
          "username": { "claim": "email" },
          "lastName": { "claim": "family_name" },
          "firstName": { "claim": "given_name" }
        },
        "configuration": "https://myb2ctenant.b2clogin.com/myb2ctenant.onmicrosoft.com/B2C_1A_SIGNUP_SIGNIN_VC/v2.0/.well-known/openid-configuration",
        "client_id": "5754c86a-e195-459e-98cf-2546ef5eb0c8",
        "scope": "openid",
        "redirect_uri": "vcclient://openid"
      }
    ]
  }
}

When trying to upload these definitions in portal the following error is returned:

{"requestId":"ea4d17be61b492d221414d73bc7be783","date":"Sat, 06 Aug 2022 15:41:55 GMT","mscv":"QlYd3WAkkDu4Br0l.2","error":{"code":"missingRequiredParameter","message":"clientId is a required value. Please enter a value and try again."}}

Can we update the example display and rules file definition for the B2C VC Sample?

Authenticator returns an error when scanning the Issuer-provided QR code.

Error Code:SdkException
Error Details: Unhandled ExceptionField 'nonce' is required, but it was missing.

A temporary workaround is to use the Verifier sample directly, and take advantage of the fact that it is configured to allow issuance.

It does appear that this is addressed in the Verifier project RequestorBuilder, where useNonce and useState calls are included, but similar calls are not present in the Issuer project.

Hello, I couldn't find an example so I'm asking here.
Is it possible with the RequestorBuilder to create a request containing just a subset of the attributes defined in the credential type? In the example below just the credential type is defined.
If it's possible is it also possible to remove the credential type from the request and just ask for some attribute names?

Thank you very much.

The default issuer present in the sample has been working fine. But when I tried to create a custom issuer and try to get a verified credential, I'm getting the following error.

I would like to know Is there any significance for the value provided for kvSigningKeyId in didconfig.json. I just used the same key in the demo since I'm not sure from where I get that. For kvRemoteSigningKeyId, I gave the proper value from the key vault.

The logs are attached:

Calling app required broker protocol version: 1.0
Broker app protocol version: 1.0 Android 27 Thread.run()@764 [pool-1-thread-1]
02-09 09:51:29:027 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3613","correlation_id":"UNSET"}] Connection OK
Common protocol version: 1.0 Android 27 Thread.run()@764 [pool-1-thread-1]
02-09 09:51:29:037 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3779","correlation_id":"UNSET"}] Received successful result from Broker Content Provider. Android 27 Thread.run()@764 [pool-13-thread-1]
02-09 09:51:29:040 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3613","correlation_id":"UNSET"}] Broker content provider invoked for uriType: 10 Android 27 Thread.run()@764 [pool-1-thread-1]
02-09 09:51:29:041 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3613","correlation_id":"UNSET"}] MicrosoftBrokerServiceOperation starts getBrokerAccounts for package name: com.azure.authenticator Android 27 Thread.run()@764 [pool-1-thread-1]
02-09 09:51:29:046 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3779","correlation_id":"UNSET"}] Able to establish the connect, the broker protocol version in common is [1.0] Android 27 Thread.run()@764 [pool-13-thread-1]
02-09 09:51:29:060 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3613","correlation_id":"UNSET"}] No account matching broker account type exists. Android 27 Thread.run()@764 [pool-1-thread-1]
02-09 09:51:29:062 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3613","correlation_id":"UNSET"}] Get accounts, raw payload size :2 compressed size 22 Android 27 Thread.run()@764 [pool-1-thread-1]
02-09 09:51:29:063 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3779","correlation_id":"UNSET"}] Request to BrokerContentProvider for uri path /brokerApi/getBrokerAccounts Android 27 Thread.run()@764 [pool-13-thread-1]
02-09 09:51:29:066 UTC INFO/Broker: [2021-02-09 09:51:29 - {"thread_id":"3779","correlation_id":"UNSET"}] Received successful result from Broker Content Provider. Android 27 Thread.run()@764 [pool-13-thread-1]
02-09 08:59:47:697 UTC ERROR/DID_SDK/: Error loading Request [main]
02-09 08:59:47:699 UTC ERROR/DID_SDK/: [main]
02-09 09:01:50:605 UTC DEBUG/DID_SDK/: CardFlowViewModel state bundle saved: [] [main]
02-09 09:12:58:715 UTC ERROR/DID_SDK/: Error loading Request [main]
02-09 09:12:58:716 UTC ERROR/DID_SDK/: [main]
02-09 09:51:33:638 UTC ERROR/DID_SDK/: Error loading Request [main]
02-09 09:51:33:640 UTC ERROR/DID_SDK/: [main]
02-09 08:58:21:767 UTC DEBUG/Brooklyn: Brooklyn module disabled [main]
02-09 08:58:21:787 UTC DEBUG/Brooklyn: Enterprise deny list refresh periodic worker scheduled. [main]
02-09 08:58:22:408 UTC DEBUG/Brooklyn: EnterpriseDenyListRefreshWorker worker started. [DefaultDispatcher-worker-1]
02-09 08:58:22:475 UTC DEBUG/Brooklyn: Number of denyListsToRefresh to refresh : 0 [DefaultDispatcher-worker-1]
02-09 08:58:22:476 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-1]
02-09 08:58:22:479 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-1]
02-09 08:58:22:479 UTC DEBUG/Brooklyn: Brooklyn saved state is 2 and current state is ALLOW [DefaultDispatcher-worker-1]
02-09 08:58:22:480 UTC DEBUG/Brooklyn: Brooklyn module enabled [DefaultDispatcher-worker-1]
02-09 08:58:22:481 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-1]
02-09 08:58:22:588 UTC DEBUG/Brooklyn: EnterpriseDenyListRefreshWorker worker completed. Time taken : 0.178 seconds. [DefaultDispatcher-worker-1]
02-09 08:58:22:887 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-1]
02-09 08:58:22:889 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-1]
02-09 08:58:22:889 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-1]
02-09 08:58:23:441 UTC DEBUG/Brooklyn: Brooklyn module enabled [main]
02-09 08:58:23:458 UTC DEBUG/Brooklyn: Enterprise deny list refresh periodic worker scheduled. [main]
02-09 08:58:24:023 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 08:58:24:025 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 08:58:24:025 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 08:58:24:275 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-2]
02-09 08:58:24:277 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-2]
02-09 08:58:24:279 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-2]
02-09 08:58:32:299 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 08:58:32:301 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 08:58:32:301 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 08:58:32:520 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-2]
02-09 08:58:32:522 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-2]
02-09 08:58:32:523 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-2]
02-09 08:58:32:761 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-1]
02-09 08:58:32:762 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-1]
02-09 08:58:32:763 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-1]
02-09 08:58:37:625 UTC DEBUG/Brooklyn: Navigating from Credentials page to Sign in page [main]
02-09 08:58:37:669 UTC DEBUG/Brooklyn: Import Failed. Sign in to import passwords Dialog displayed. [main]
02-09 08:58:38:849 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 08:58:38:853 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 08:58:38:855 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 08:58:38:910 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-1]
02-09 08:58:38:913 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-1]
02-09 08:58:38:915 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-1]
02-09 08:58:48:495 UTC DEBUG/Brooklyn: Navigating from Credentials page to Sign in page [main]
02-09 08:58:48:522 UTC DEBUG/Brooklyn: Import Failed. Sign in to import passwords Dialog displayed. [main]
02-09 08:58:49:527 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 08:58:49:530 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 08:58:49:531 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 08:58:49:588 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-3]
02-09 08:58:49:589 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-3]
02-09 08:58:49:590 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-3]
02-09 08:58:59:851 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 08:58:59:854 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 08:58:59:855 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 08:58:59:899 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-1]
02-09 08:58:59:901 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-1]
02-09 08:58:59:902 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-1]
02-09 08:59:04:742 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 08:59:04:746 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 08:59:04:747 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 08:59:04:814 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-9]
02-09 08:59:04:816 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-9]
02-09 08:59:04:817 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-9]
02-09 09:10:30:383 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-1]
02-09 09:10:30:389 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-1]
02-09 09:10:30:390 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-1]
02-09 09:10:30:447 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-5]
02-09 09:10:30:448 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-5]
02-09 09:10:30:449 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-5]
02-09 09:14:21:447 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-5]
02-09 09:14:21:452 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-5]
02-09 09:14:21:455 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-5]
02-09 09:14:21:524 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 09:14:21:527 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 09:14:21:528 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 09:19:32:066 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-6]
02-09 09:19:32:069 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-6]
02-09 09:19:32:070 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-6]
02-09 09:19:32:122 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-3]
02-09 09:19:32:125 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-3]
02-09 09:19:32:126 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-3]
02-09 09:19:33:746 UTC DEBUG/Brooklyn: Navigating from Credentials page to Sign in page [main]
02-09 09:19:33:801 UTC DEBUG/Brooklyn: Import Failed. Sign in to import passwords Dialog displayed. [main]
02-09 09:19:34:436 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-3]
02-09 09:19:34:439 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-3]
02-09 09:19:34:441 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-3]
02-09 09:19:34:488 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 09:19:34:491 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 09:19:34:492 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 09:20:14:443 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-1]
02-09 09:20:14:448 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-1]
02-09 09:20:14:451 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-1]
02-09 09:20:14:495 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-2]
02-09 09:20:14:498 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-2]
02-09 09:20:14:499 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-2]
02-09 09:50:56:962 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-6]
02-09 09:50:56:965 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-6]
02-09 09:50:56:966 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-6]
02-09 09:50:57:049 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-4]
02-09 09:50:57:058 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-4]
02-09 09:50:57:060 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-4]
02-09 09:51:28:774 UTC DEBUG/Brooklyn: Configure and Display Brooklyn Enterprise controls called [DefaultDispatcher-worker-8]
02-09 09:51:28:791 UTC DEBUG/Brooklyn: allow listed account present [DefaultDispatcher-worker-8]
02-09 09:51:28:791 UTC DEBUG/Brooklyn: Brooklyn current state saved to ALLOW [DefaultDispatcher-worker-8]

App details:
App version: 6.2102.0762
App version code: 202107620
ADAL version: 3.1.0
Broker version: 3.4.1

            Device details:
            Android version: 8.1.0
            Android build: asus/WW_X00TD/ASUS_X00T_2:8.1.0/OPM1/15.2016.1810.337-20181106:user/release-keys
            Device name: ASUS_X00T_2
            Device ID: OPM1
            Device manufacturer: asus
            Device model: ASUS_X00TD
            Device display: OPM1.WW_Phone-15.2016.1810.337-20181106
            Device brand: asus
            Device hardware: qcom
            Locale: en_IN

ACCOUNTS
None