Document maximum regex based claims transforms and related errors #1785
Conversation
Jackson-Woods
commented
Oct 8, 2025
Jackson-Woods
commented
- Documents max of 20 regex based claims transforms on SAML and JWT doc
- Add line for customer-reported error code 501631, plus related error code 501632
Add a note for maximum 20 regex based claims transformations.
Added other STS error codes for regex claims transform
Added line stating 20 maximum regex based claims transforms to JWT claims customization doc.
prmerger-automator
bot
requested review from
cilwerner,
OwenRichards1,
AllisonAm and
nickludwig
|
@Jackson-Woods : Thanks for your contribution! The author(s) and reviewer(s) have been notified to review your proposed change. |
|
Learn Build status updates of commit 0e18d2d: ✅ Validation status: passed
For more details, please refer to the build report. |
There was a problem hiding this comment.
Pull Request Overview
This PR documents the maximum limit for regex-based claims transformations and adds error codes for related configuration issues. The changes improve user understanding of system limitations and error handling.
- Added documentation for the 20 regex replacement limit in both SAML and JWT claims transformation sections
- Included two new error codes (501631, 501632) for regex transformation failures
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| docs/identity-platform/saml-claims-customization.md | Added documentation for 20 regex replacement limit |
| docs/identity-platform/jwt-claims-customization.md | Added documentation for 20 regex replacement limit |
| docs/identity-platform/reference-error-codes.md | Added new error codes 501631 and 501632 for regex transformation issues |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| | AADSTS501632 | Regular expression replacement for claims transformation has too many substitution parameters in the replacement input parameter. Please contact your admin to fix the configuration. | | ||
| | AADSTS50164 | The supplied access token was not issued for the purpose for which it is being used. Expected a token with purpose '{name}'. | | ||
| | AADSTS50165 | The token encrypting algorithm '{algorithm}' requested by the application isn't supported for this type of token. This indicates the application is misconfigured. | | ||
| | AADSTS50165 | The token encrypting algorithm '{al5gorithm}' requested by the application isn't supported for this type of token. This indicates the application is misconfigured. | |
There was a problem hiding this comment.
Corrected spelling of 'al5gorithm' to 'algorithm'.
| | AADSTS50165 | The token encrypting algorithm '{al5gorithm}' requested by the application isn't supported for this type of token. This indicates the application is misconfigured. | | |
| | AADSTS50165 | The token encrypting algorithm '{algorithm}' requested by the application isn't supported for this type of token. This indicates the application is misconfigured. | |
Copilot uses AI. Check for mistakes.
|
Hi @Jackson-Woods - This pull request was opened in the public repo. PMs should work in the private repo, per the Microsoft Docs contributor guide. We can keep this PR open for review and merge, but would you make future content updates in the private repo? Thank you! Can you review the proposed changes? IMPORTANT: When the changes are ready for publication, adding a #label:"aq-pr-triaged" |
