Logging in with a guest account in Azure AD B2C

Guest_SUSI.xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TrustFrameworkPolicy
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                      xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                      xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
                      PolicySchemaVersion="0.3.0.0"
                      TenantId="tenant.onmicrosoft.com"
                      PolicyId="B2C_1A_Guest_SUSI"
                      PublicPolicyUri="http://tenant.onmicrosoft.com/B2C_1A_Guest_SUSI">

	<BasePolicy>
		<TenantId>tenant.onmicrosoft.com</TenantId>
		<PolicyId>B2C_1A_TRUSTFRAMEWORKEXTENSIONSMFA</PolicyId>
	</BasePolicy>
	
	<BuildingBlocks>
		<ClaimsSchema>
	
			<ClaimType Id="guestUser">
				<DisplayName>Guest User</DisplayName>
				<DataType>boolean</DataType>
				<AdminHelpText>Specifies whether the user is a guest.</AdminHelpText>
				<UserHelpText>Specifies whether the user is a guest.</UserHelpText>
			</ClaimType>
	
		</ClaimsSchema>
		
	</BuildingBlocks>
	
	<ClaimsProviders>
		<ClaimsProvider>
			<DisplayName>Local Account</DisplayName>
			<TechnicalProfiles>
	
				<TechnicalProfile Id="GuestAccount">
					<DisplayName>Guest account</DisplayName>
					<Protocol Name="Proprietary" Handler="Web.TPEngine.Providers.ClaimsTransformationProtocolProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
					<OutputClaims>
						<OutputClaim ClaimTypeReferenceId="guestUser" DefaultValue="true" AlwaysUseDefaultValue="true"/>
					</OutputClaims>
				</TechnicalProfile>
				
			</TechnicalProfiles>
		</ClaimsProvider>
	</ClaimsProviders>
	
	<UserJourneys>
		<UserJourney Id="GuestSignUpOrSignIn">
		
			<OrchestrationSteps>
				<OrchestrationStep Order="1" Type="ClaimsProviderSelection" ContentDefinitionReferenceId="api.idpselections">
					<ClaimsProviderSelections>
						<ClaimsProviderSelection TargetClaimsExchangeId="LocalAccountSigninEmailExchange"/>
						<ClaimsProviderSelection TargetClaimsExchangeId="GuestExchange"/>
					</ClaimsProviderSelections>
				</OrchestrationStep>
		
				<OrchestrationStep Order="2" Type="ClaimsExchange">
					<ClaimsExchanges>
						<ClaimsExchange Id="GuestExchange" TechnicalProfileReferenceId="GuestAccount"/>
						<ClaimsExchange Id="LocalAccountSigninEmailExchange" TechnicalProfileReferenceId="SelfAsserted-LocalAccountSignin-Email"/>
					</ClaimsExchanges>
				</OrchestrationStep>
		
				<!-- Other steps here. Maybe a self-asserted screen to get some attributes? -->
				  
				<OrchestrationStep Order="3" Type="SendClaims" CpimIssuerTechnicalProfileReferenceId="JwtIssuer"/>
			</OrchestrationSteps>
		</UserJourney>
	</UserJourneys>

	<RelyingParty>
		<DefaultUserJourney ReferenceId="GuestSignUpOrSignIn"/>
		<TechnicalProfile Id="PolicyProfile">
			<DisplayName>PolicyProfile</DisplayName>
			<Protocol Name="OpenIdConnect"/>
			<OutputClaims>
				<OutputClaim ClaimTypeReferenceId="guestUser" AlwaysUseDefaultValue="true" DefaultValue="true"/>
				<OutputClaim ClaimTypeReferenceId="objectId" PartnerClaimType="sub" AlwaysUseDefaultValue="true" DefaultValue="123456"/>
				<OutputClaim ClaimTypeReferenceId="tenantId" AlwaysUseDefaultValue="true" DefaultValue="{Policy:TenantObjectId}"/>
			</OutputClaims>
			<SubjectNamingInfo ClaimType="sub"/>
		</TechnicalProfile>
	</RelyingParty>
</TrustFrameworkPolicy>

https://medium.com/the-new-control-plane/logging-in-with-a-guest-account-in-azure-ad-b2c-64e8638acb3e