Adding Claims in Azure AD v2 id_token
How to include additional claims in Azure AD v2.0 id_tokens?
✍: FYIcenter.com
If you want to include additional claims in Azure AD v2.0 id_tokens, you need to modify your application registration in Azure AD.
1. Log in to the Azure portal.
2. Select the Azure Active Directory service, and then select App registrations or App registrations (Preview).
3. Select the app you want to configure.
4. From the app's Overview page, select the Manifest section. A web-based manifest editor opens, allowing you to edit the manifest within the portal.
5. Find the "optionalClaims" root-level property, or add it if it does not exist. The "optionalClaims" property is structured as in the following example, which includes the "email" claim in the id_token:
    ...
    "oauth2RequirePostResponse": false,
    "optionalClaims": {
        "idToken": [
            {
                "name": "email",
                "source": null,
                "essential": false,
                "additionalProperties": []
            }
        ],
        "accessToken": [],
        "saml2Token": []
    },
    "orgRestrictions": [],
    ...
You can add any of the following optional claims:
ipaddr                    Client IP Address
onprem_sid                On-Premises Security Identifier
pwd_exp                   Password Expiration Time
pwd_url                   Change Password URL
in_corp                   Inside Corporate Network
nickname                  User Nickname
family_name               User Last Name
given_name                User First Name
auth_time                 Time of last authentication
tenant_region_scope       Region of the resource tenant
home_oid                  Object ID of the user in home tenant
sid                       Session ID
platf                     Device platform
email                     User's email address
verified_primary_email    User's first verified email address
verified_secondary_email  User's second verified email address
enfpolids                 Enforced policy IDs
vnet                      VNET specifier information
fwd                       Forward IP address
ctry                      User's country
tenant_ctry               Resource tenant's country
xms_pdl                   Preferred data location
xms_tpl                   Tenant preferred language
ztdid                     Zero-touch Deployment ID
acct                      User's account status in tenant
upn                       UserPrincipalName claim
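The manifest edit from step 5 can be prepared and checked offline before pasting it into the portal editor. The following is an added example, not code from FYIcenter or Microsoft: the function names and the sample token are constructed for illustration, and the token is only decoded, not signature-validated.

```python
import base64
import copy
import json

# Optional claim names taken from the list on this page.
KNOWN_CLAIMS = {
    "ipaddr", "onprem_sid", "pwd_exp", "pwd_url", "in_corp", "nickname",
    "family_name", "given_name", "auth_time", "tenant_region_scope",
    "home_oid", "sid", "platf", "email", "verified_primary_email",
    "verified_secondary_email", "enfpolids", "vnet", "fwd", "ctry",
    "tenant_ctry", "xms_pdl", "xms_tpl", "ztdid", "acct", "upn",
}

def add_id_token_claims(manifest, names):
    """Return a copy of the manifest with the named claims under optionalClaims.idToken."""
    unknown = sorted(set(names) - KNOWN_CLAIMS)
    if unknown:
        raise ValueError(f"not in the page's claim list: {unknown}")
    out = copy.deepcopy(manifest)
    # Step 5: the property may be absent or null, so create it when needed.
    oc = out.get("optionalClaims") or {}
    for key in ("idToken", "accessToken", "saml2Token"):
        if not oc.get(key):
            oc[key] = []
    present = {entry["name"] for entry in oc["idToken"]}
    for name in names:
        if name not in present:  # keep existing entries, skip duplicates
            oc["idToken"].append({"name": name, "source": None,
                                  "essential": False, "additionalProperties": []})
            present.add(name)
    out["optionalClaims"] = oc
    return out

def missing_from_token(manifest, id_token):
    """List configured idToken claims that are absent from a token's payload."""
    payload_b64 = id_token.split(".")[1]
    payload_b64 += "=" * (-len(payload_b64) % 4)  # restore base64url padding
    payload = json.loads(base64.urlsafe_b64decode(payload_b64))
    wanted = [e["name"] for e in (manifest.get("optionalClaims") or {}).get("idToken", [])]
    return [n for n in wanted if n not in payload]

# Constructed sample: an unsigned token whose payload carries "email" only.
def _b64(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
SAMPLE_TOKEN = ".".join([_b64({"typ": "JWT"}), _b64({"sub": "x", "email": "user@example.com"}), ""])

if __name__ == "__main__":
    m = add_id_token_claims({"oauth2RequirePostResponse": False}, ["email", "ipaddr"])
    print(json.dumps(m["optionalClaims"], indent=4), missing_from_token(m, SAMPLE_TOKEN))
```
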
2019-03-27