mfcollins3/signup.xml

## signup.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TrustFrameworkPolicy
    xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
    PolicySchemaVersion="0.3.0.0"
    TenantId="projectcenterdev.onmicrosoft.com"
    PolicyId="B2C_1A_SignUp"
    PublicPolicyUri="http://projectcenterdev.onmicrosoft.com/B2C_1A_SignUp"
    DeploymentMode="Development"
    UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights">
    <BuildingBlocks>
        <ClaimsSchema>
            <ClaimType Id="displayName">
                <DisplayName>Display Name</DisplayName>
                <DataType>string</DataType>
                <UserHelpText>Display name</UserHelpText>
                <UserInputType>TextBox</UserInputType>
            </ClaimType>

            <ClaimType Id="objectId">
                <DisplayName>User ID</DisplayName>
                <DataType>string</DataType>
                <DefaultPartnerClaimTypes>
                    <Protocol Name="OpenIdConnect" PartnerClaimType="oid" />
                </DefaultPartnerClaimTypes>
            </ClaimType>

            <ClaimType Id="newPassword">
                <DisplayName>New Password</DisplayName>
                <DataType>string</DataType>
                <UserHelpText>Password</UserHelpText>
                <UserInputType>Password</UserInputType>
                <Restriction>
                    <Pattern RegularExpression="^((?=.*[a-z])(?=.*[A-Z])(?=.*\d)|(?=.*[a-z])(?=.*[A-Z])(?=.*[^A-Za-z0-9])|(?=.*[a-z])(?=.*\d)(?=.*[^A-Za-z0-9])|(?=.*[A-Z])(?=.*\d)(?=.*[^A-Za-z0-9]))([A-Za-z\d@#$%^&amp;*\-_+=[\]{}|\\:',?/`~&quot;();!]|\.(?!@)){8,16}$" HelpText="8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ &amp; * - _ + = [ ] { } | \ : ' , ? / ` ~ &quot; ( ) ; ." />
                </Restriction>
            </ClaimType>

            <ClaimType Id="passwordPolicies">
                <DisplayName>Password Policies</DisplayName>
                <DataType>string</DataType>
            </ClaimType>

            <ClaimType Id="reenterPassword">
                <DisplayName>Confirm Password</DisplayName>
                <DataType>string</DataType>
                <UserHelpText>Confirm the password</UserHelpText>
                <UserInputType>Password</UserInputType>
                <Restriction>
                    <Pattern RegularExpression="^((?=.*[a-z])(?=.*[A-Z])(?=.*\d)|(?=.*[a-z])(?=.*[A-Z])(?=.*[^A-Za-z0-9])|(?=.*[a-z])(?=.*\d)(?=.*[^A-Za-z0-9])|(?=.*[A-Z])(?=.*\d)(?=.*[^A-Za-z0-9]))([A-Za-z\d@#$%^&amp;*\-_+=[\]{}|\\:',?/`~&quot;();!]|\.(?!@)){8,16}$" HelpText="8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ &amp; * - _ + = [ ] { } | \ : ' , ? / ` ~ &quot; ( ) ; ." />
                </Restriction>
            </ClaimType>

            <ClaimType Id="signInName">
                <DisplayName>Username</DisplayName>
                <DataType>string</DataType>
                <UserHelpText>Username</UserHelpText>
                <UserInputType>TextBox</UserInputType>
            </ClaimType>

            <ClaimType Id="signInNames.userName">
                <DisplayName>Username</DisplayName>
                <DataType>string</DataType>
                <UserHelpText>Username</UserHelpText>
                <UserInputType>TextBox</UserInputType>
            </ClaimType>

            <ClaimType Id="sub">
                <DisplayName>Subject</DisplayName>
                <DataType>string</DataType>
                <DefaultPartnerClaimTypes>
                    <Protocol Name="OpenIdConnect" PartnerClaimType="sub" />
                </DefaultPartnerClaimTypes>
            </ClaimType>

            <ClaimType Id="tenantId">
                <DisplayName>Tenant ID</DisplayName>
                <DataType>string</DataType>
                <DefaultPartnerClaimTypes>
                    <Protocol Name="OpenIdConnect" PartnerClaimType="tid" />
                </DefaultPartnerClaimTypes>
            </ClaimType>

            <ClaimType Id="userPrincipalName">
                <DisplayName>User Principal Name</DisplayName>
                <DataType>string</DataType>
            </ClaimType>
        </ClaimsSchema>

        <ClaimsTransformations>
            <ClaimsTransformation Id="SetDisplayNameToSignInName" TransformationMethod="CopyClaim">
                <InputClaims>
                    <InputClaim ClaimTypeReferenceId="signInName" TransformationClaimType="inputClaim" />
                </InputClaims>
                <OutputClaims>
                    <OutputClaim ClaimTypeReferenceId="displayName" TransformationClaimType="outputClaim" />
                </OutputClaims>
            </ClaimsTransformation>
        </ClaimsTransformations>

        <ContentDefinitions>
            <ContentDefinition Id="api.localaccountsignup">
                <LoadUri>~/tenant/templates/AzureBlue/selfAsserted.cshtml</LoadUri>
                <RecoveryUri>~/common/default/default_page_error.html</RecoveryUri>
                <DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7</DataUri>
                <Metadata>
                    <Item Key="DisplayName">Sign Up</Item>
                </Metadata>
            </ContentDefinition>
        </ContentDefinitions>
    </BuildingBlocks>

    <ClaimsProviders>
        <ClaimsProvider>
            <DisplayName>Trustframework Policy Engine TechnicalProfiles</DisplayName>
            <TechnicalProfiles>
                <TechnicalProfile Id="TpEngine_c3bd4fe2-1775-4013-b91d-35f16d377d13">
                <DisplayName>Trustframework Policy Engine Default Technical Profile</DisplayName>
                <Protocol Name="None" />
                <Metadata>
                    <Item Key="url">{service:te}</Item>
                </Metadata>
                </TechnicalProfile>
            </TechnicalProfiles>
        </ClaimsProvider>

        <ClaimsProvider>
            <DisplayName>SSO Session Management</DisplayName>
            <TechnicalProfiles>
                <TechnicalProfile Id="SSO-None">
                    <DisplayName>No Session Management</DisplayName>
                    <Protocol Name="Proprietary" Handler="Web.TPEngine.SSO.NoopSSOSessionProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
                </TechnicalProfile>

                <TechnicalProfile Id="SSO-Default">
                    <DisplayName>Default SSO Session Management Provider</DisplayName>
                    <Description>Session management using the Azure AD B2C internal session provider</Description>
                    <Protocol Name="Proprietary" Handler="Web.TPEngine.SSO.DefaultSSOSessionProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
                </TechnicalProfile>
            </TechnicalProfiles>
        </ClaimsProvider>

        <ClaimsProvider>
            <DisplayName>Active Directory</DisplayName>
            <TechnicalProfiles>
                <TechnicalProfile Id="CreateLocalUser">
                    <DisplayName>Create Local User Account</DisplayName>
                    <Description>Creates the local user account in Active Directory</Description>
                    <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.AzureActiveDirectoryProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
                    <Metadata>
                        <Item Key="Operation">Write</Item>
                        <Item Key="RaiseErrorIfClaimsPrincipalAlreadyExists">true</Item>
                    </Metadata>
                    <IncludeInSso>false</IncludeInSso>
                    <InputClaimsTransformations>
                        <InputClaimsTransformation ReferenceId="SetDisplayNameToSignInName" />
                    </InputClaimsTransformations>
                    <InputClaims>
                        <InputClaim ClaimTypeReferenceId="signInName" PartnerClaimType="signInNames.userName" Required="true" />
                    </InputClaims>
                    <PersistedClaims>
                        <PersistedClaim ClaimTypeReferenceId="displayName" DefaultValue="unknown"/>
                        <PersistedClaim ClaimTypeReferenceId="newPassword" PartnerClaimType="password" />
                        <PersistedClaim ClaimTypeReferenceId="passwordPolicies" DefaultValue="DisablePasswordExpiration" />
                        <PersistedClaim ClaimTypeReferenceId="signInName" PartnerClaimType="signInNames.userName" />
                    </PersistedClaims>
                    <OutputClaims>
                        <OutputClaim ClaimTypeReferenceId="objectId" />
                        <OutputClaim ClaimTypeReferenceId="userPrincipalName" />
                    </OutputClaims>
                    <UseTechnicalProfileForSessionManagement ReferenceId="SSO-None" />
                </TechnicalProfile>
            </TechnicalProfiles>
        </ClaimsProvider>

        <ClaimsProvider>
            <DisplayName>Local User</DisplayName>
            <TechnicalProfiles>
                <TechnicalProfile Id="ShowSignUpForm">
                    <DisplayName>Sign Up Form</DisplayName>
                    <Description>Presents the user with a form to complete to sign up for a user account</Description>
                    <Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
                    <Metadata>
                        <Item Key="ContentDefinitionReferenceId">api.localaccountsignup</Item>
                    </Metadata>
                    <OutputClaims>
                        <OutputClaim ClaimTypeReferenceId="signInName" />
                        <OutputClaim ClaimTypeReferenceId="newPassword" Required="true" />
                        <OutputClaim ClaimTypeReferenceId="reenterPassword" Required="true" />
                        <OutputClaim ClaimTypeReferenceId="objectId" />
                    </OutputClaims>
                    <ValidationTechnicalProfiles>
                        <ValidationTechnicalProfile ReferenceId="CreateLocalUser" />
                    </ValidationTechnicalProfiles>
                    <UseTechnicalProfileForSessionManagement ReferenceId="SSO-Default" />
                </TechnicalProfile>
            </TechnicalProfiles>
        </ClaimsProvider>

        <ClaimsProvider>
            <DisplayName>Token Issuers</DisplayName>
            <TechnicalProfiles>
                <TechnicalProfile Id="JWTIssuer">
                    <DisplayName>JWT Issuer</DisplayName>
                    <Description>Generates and issues the JSON web token containing the user's identity information</Description>
                    <Protocol Name="OpenIdConnect" />
                    <OutputTokenFormat>JWT</OutputTokenFormat>
                    <Metadata>
                        <Item Key="issuer_refresh_token_user_identity_claim_type">objectId</Item>
                    </Metadata>
                    <CryptographicKeys>
                        <Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer" />
                        <Key Id="issuer_refresh_token_key" StorageReferenceId="B2C_1A_TokenEncryptionKeyContainer" />
                    </CryptographicKeys>
                </TechnicalProfile>
            </TechnicalProfiles>
        </ClaimsProvider>
    </ClaimsProviders>

    <UserJourneys>
        <UserJourney Id="SignUp">
            <OrchestrationSteps>
                <OrchestrationStep Order="1" Type="ClaimsExchange">
                    <ClaimsExchanges>
                        <ClaimsExchange Id="ShowSignUpForm" TechnicalProfileReferenceId="ShowSignUpForm" />
                    </ClaimsExchanges>
                </OrchestrationStep>
                <OrchestrationStep Order="2" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JWTIssuer" />
            </OrchestrationSteps>
        </UserJourney>
    </UserJourneys>

    <RelyingParty>
        <DefaultUserJourney ReferenceId="SignUp" />
        <UserJourneyBehaviors>
            <JourneyInsights
                TelemetryEngine="ApplicationInsights"
                InstrumentationKey="7c25e293-8d7e-46c8-9e84-39400c53f1fb"
                DeveloperMode="true"
                ClientEnabled="true"
                ServerEnabled="true"
                TelemetryVersion="1.0.0" />
        </UserJourneyBehaviors>
        <TechnicalProfile Id="PolicyProfile">
            <DisplayName>Sign Up</DisplayName>
            <Description>Allows new users to sign up and create an account</Description>
            <Protocol Name="OpenIdConnect" />
            <InputClaims></InputClaims>
            <OutputClaims>
                <OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" />
                <OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" />
            </OutputClaims>
            <SubjectNamingInfo ClaimType="sub" />
        </TechnicalProfile>
    </RelyingParty>
</TrustFrameworkPolicy>
	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
	<TrustFrameworkPolicy
	xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
	PolicySchemaVersion="0.3.0.0"
	TenantId="projectcenterdev.onmicrosoft.com"
	PolicyId="B2C_1A_SignUp"
	PublicPolicyUri="http://projectcenterdev.onmicrosoft.com/B2C_1A_SignUp"
	DeploymentMode="Development"
	UserJourneyRecorderEndpoint="urn:journeyrecorder:applicationinsights">
	<BuildingBlocks>
	<ClaimsSchema>
	<ClaimType Id="displayName">
	<DisplayName>Display Name</DisplayName>
	<DataType>string</DataType>
	<UserHelpText>Display name</UserHelpText>
	<UserInputType>TextBox</UserInputType>
	</ClaimType>

	<ClaimType Id="objectId">
	<DisplayName>User ID</DisplayName>
	<DataType>string</DataType>
	<DefaultPartnerClaimTypes>
	<Protocol Name="OpenIdConnect" PartnerClaimType="oid" />
	</DefaultPartnerClaimTypes>
	</ClaimType>

	<ClaimType Id="newPassword">
	<DisplayName>New Password</DisplayName>
	<DataType>string</DataType>
	<UserHelpText>Password</UserHelpText>
	<UserInputType>Password</UserInputType>
	<Restriction>
	<Pattern RegularExpression="^((?=.[a-z])(?=.[A-Z])(?=.\d)\|(?=.[a-z])(?=.[A-Z])(?=.[^A-Za-z0-9])\|(?=.[a-z])(?=.\d)(?=.[^A-Za-z0-9])\|(?=.[A-Z])(?=.\d)(?=.[^A-Za-z0-9]))([A-Za-z\d@#$%^&\-_+=[\]{}\|\\:',?/`~"();!]\|\.(?!@)){8,16}$" HelpText="8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ & - _ + = [ ] { } \| \ : ' , ? / ` ~ " ( ) ; ." />
	</Restriction>
	</ClaimType>

	<ClaimType Id="passwordPolicies">
	<DisplayName>Password Policies</DisplayName>
	<DataType>string</DataType>
	</ClaimType>

	<ClaimType Id="reenterPassword">
	<DisplayName>Confirm Password</DisplayName>
	<DataType>string</DataType>
	<UserHelpText>Confirm the password</UserHelpText>
	<UserInputType>Password</UserInputType>
	<Restriction>
	<Pattern RegularExpression="^((?=.[a-z])(?=.[A-Z])(?=.\d)\|(?=.[a-z])(?=.[A-Z])(?=.[^A-Za-z0-9])\|(?=.[a-z])(?=.\d)(?=.[^A-Za-z0-9])\|(?=.[A-Z])(?=.\d)(?=.[^A-Za-z0-9]))([A-Za-z\d@#$%^&\-_+=[\]{}\|\\:',?/`~"();!]\|\.(?!@)){8,16}$" HelpText="8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ & - _ + = [ ] { } \| \ : ' , ? / ` ~ " ( ) ; ." />
	</Restriction>
	</ClaimType>

	<ClaimType Id="signInName">
	<DisplayName>Username</DisplayName>
	<DataType>string</DataType>
	<UserHelpText>Username</UserHelpText>
	<UserInputType>TextBox</UserInputType>
	</ClaimType>

	<ClaimType Id="signInNames.userName">
	<DisplayName>Username</DisplayName>
	<DataType>string</DataType>
	<UserHelpText>Username</UserHelpText>
	<UserInputType>TextBox</UserInputType>
	</ClaimType>

	<ClaimType Id="sub">
	<DisplayName>Subject</DisplayName>
	<DataType>string</DataType>
	<DefaultPartnerClaimTypes>
	<Protocol Name="OpenIdConnect" PartnerClaimType="sub" />
	</DefaultPartnerClaimTypes>
	</ClaimType>

	<ClaimType Id="tenantId">
	<DisplayName>Tenant ID</DisplayName>
	<DataType>string</DataType>
	<DefaultPartnerClaimTypes>
	<Protocol Name="OpenIdConnect" PartnerClaimType="tid" />
	</DefaultPartnerClaimTypes>
	</ClaimType>

	<ClaimType Id="userPrincipalName">
	<DisplayName>User Principal Name</DisplayName>
	<DataType>string</DataType>
	</ClaimType>
	</ClaimsSchema>

	<ClaimsTransformations>
	<ClaimsTransformation Id="SetDisplayNameToSignInName" TransformationMethod="CopyClaim">
	<InputClaims>
	<InputClaim ClaimTypeReferenceId="signInName" TransformationClaimType="inputClaim" />
	</InputClaims>
	<OutputClaims>
	<OutputClaim ClaimTypeReferenceId="displayName" TransformationClaimType="outputClaim" />
	</OutputClaims>
	</ClaimsTransformation>
	</ClaimsTransformations>

	<ContentDefinitions>
	<ContentDefinition Id="api.localaccountsignup">
	<LoadUri>~/tenant/templates/AzureBlue/selfAsserted.cshtml</LoadUri>
	<RecoveryUri>~/common/default/default_page_error.html</RecoveryUri>
	<DataUri>urn:com:microsoft:aad:b2c:elements:contract:selfasserted:2.1.7</DataUri>
	<Metadata>
	<Item Key="DisplayName">Sign Up</Item>
	</Metadata>
	</ContentDefinition>
	</ContentDefinitions>
	</BuildingBlocks>

	<ClaimsProviders>
	<ClaimsProvider>
	<DisplayName>Trustframework Policy Engine TechnicalProfiles</DisplayName>
	<TechnicalProfiles>
	<TechnicalProfile Id="TpEngine_c3bd4fe2-1775-4013-b91d-35f16d377d13">
	<DisplayName>Trustframework Policy Engine Default Technical Profile</DisplayName>
	<Protocol Name="None" />
	<Metadata>
	<Item Key="url">{service:te}</Item>
	</Metadata>
	</TechnicalProfile>
	</TechnicalProfiles>
	</ClaimsProvider>

	<ClaimsProvider>
	<DisplayName>SSO Session Management</DisplayName>
	<TechnicalProfiles>
	<TechnicalProfile Id="SSO-None">
	<DisplayName>No Session Management</DisplayName>
	<Protocol Name="Proprietary" Handler="Web.TPEngine.SSO.NoopSSOSessionProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
	</TechnicalProfile>

	<TechnicalProfile Id="SSO-Default">
	<DisplayName>Default SSO Session Management Provider</DisplayName>
	<Description>Session management using the Azure AD B2C internal session provider</Description>
	<Protocol Name="Proprietary" Handler="Web.TPEngine.SSO.DefaultSSOSessionProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
	</TechnicalProfile>
	</TechnicalProfiles>
	</ClaimsProvider>

	<ClaimsProvider>
	<DisplayName>Active Directory</DisplayName>
	<TechnicalProfiles>
	<TechnicalProfile Id="CreateLocalUser">
	<DisplayName>Create Local User Account</DisplayName>
	<Description>Creates the local user account in Active Directory</Description>
	<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.AzureActiveDirectoryProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
	<Metadata>
	<Item Key="Operation">Write</Item>
	<Item Key="RaiseErrorIfClaimsPrincipalAlreadyExists">true</Item>
	</Metadata>
	<IncludeInSso>false</IncludeInSso>
	<InputClaimsTransformations>
	<InputClaimsTransformation ReferenceId="SetDisplayNameToSignInName" />
	</InputClaimsTransformations>
	<InputClaims>
	<InputClaim ClaimTypeReferenceId="signInName" PartnerClaimType="signInNames.userName" Required="true" />
	</InputClaims>
	<PersistedClaims>
	<PersistedClaim ClaimTypeReferenceId="displayName" DefaultValue="unknown"/>
	<PersistedClaim ClaimTypeReferenceId="newPassword" PartnerClaimType="password" />
	<PersistedClaim ClaimTypeReferenceId="passwordPolicies" DefaultValue="DisablePasswordExpiration" />
	<PersistedClaim ClaimTypeReferenceId="signInName" PartnerClaimType="signInNames.userName" />
	</PersistedClaims>
	<OutputClaims>
	<OutputClaim ClaimTypeReferenceId="objectId" />
	<OutputClaim ClaimTypeReferenceId="userPrincipalName" />
	</OutputClaims>
	<UseTechnicalProfileForSessionManagement ReferenceId="SSO-None" />
	</TechnicalProfile>
	</TechnicalProfiles>
	</ClaimsProvider>

	<ClaimsProvider>
	<DisplayName>Local User</DisplayName>
	<TechnicalProfiles>
	<TechnicalProfile Id="ShowSignUpForm">
	<DisplayName>Sign Up Form</DisplayName>
	<Description>Presents the user with a form to complete to sign up for a user account</Description>
	<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.SelfAssertedAttributeProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
	<Metadata>
	<Item Key="ContentDefinitionReferenceId">api.localaccountsignup</Item>
	</Metadata>
	<OutputClaims>
	<OutputClaim ClaimTypeReferenceId="signInName" />
	<OutputClaim ClaimTypeReferenceId="newPassword" Required="true" />
	<OutputClaim ClaimTypeReferenceId="reenterPassword" Required="true" />
	<OutputClaim ClaimTypeReferenceId="objectId" />
	</OutputClaims>
	<ValidationTechnicalProfiles>
	<ValidationTechnicalProfile ReferenceId="CreateLocalUser" />
	</ValidationTechnicalProfiles>
	<UseTechnicalProfileForSessionManagement ReferenceId="SSO-Default" />
	</TechnicalProfile>
	</TechnicalProfiles>
	</ClaimsProvider>

	<ClaimsProvider>
	<DisplayName>Token Issuers</DisplayName>
	<TechnicalProfiles>
	<TechnicalProfile Id="JWTIssuer">
	<DisplayName>JWT Issuer</DisplayName>
	<Description>Generates and issues the JSON web token containing the user's identity information</Description>
	<Protocol Name="OpenIdConnect" />
	<OutputTokenFormat>JWT</OutputTokenFormat>
	<Metadata>
	<Item Key="issuer_refresh_token_user_identity_claim_type">objectId</Item>
	</Metadata>
	<CryptographicKeys>
	<Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer" />
	<Key Id="issuer_refresh_token_key" StorageReferenceId="B2C_1A_TokenEncryptionKeyContainer" />
	</CryptographicKeys>
	</TechnicalProfile>
	</TechnicalProfiles>
	</ClaimsProvider>
	</ClaimsProviders>

	<UserJourneys>
	<UserJourney Id="SignUp">
	<OrchestrationSteps>
	<OrchestrationStep Order="1" Type="ClaimsExchange">
	<ClaimsExchanges>
	<ClaimsExchange Id="ShowSignUpForm" TechnicalProfileReferenceId="ShowSignUpForm" />
	</ClaimsExchanges>
	</OrchestrationStep>
	<OrchestrationStep Order="2" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JWTIssuer" />
	</OrchestrationSteps>
	</UserJourney>
	</UserJourneys>

	<RelyingParty>
	<DefaultUserJourney ReferenceId="SignUp" />
	<UserJourneyBehaviors>
	<JourneyInsights
	TelemetryEngine="ApplicationInsights"
	InstrumentationKey="7c25e293-8d7e-46c8-9e84-39400c53f1fb"
	DeveloperMode="true"
	ClientEnabled="true"
	ServerEnabled="true"
	TelemetryVersion="1.0.0" />
	</UserJourneyBehaviors>
	<TechnicalProfile Id="PolicyProfile">
	<DisplayName>Sign Up</DisplayName>
	<Description>Allows new users to sign up and create an account</Description>
	<Protocol Name="OpenIdConnect" />
	<InputClaims></InputClaims>
	<OutputClaims>
	<OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" />
	<OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}" />
	</OutputClaims>
	<SubjectNamingInfo ClaimType="sub" />
	</TechnicalProfile>
	</RelyingParty>
	</TrustFrameworkPolicy>