I'm working on Client Credential Flow to authenticate two applications but I want to add some information in access token. Can we customize claim and include it in access token ?
1 Answer
I tried to reproduce the same in my environment to create the custom claim in Azure AD
Please follow the below steps to get the access token
You can get the Object ID of the Service Principal like below:
Azure Portal > Azure Active Directory > Enterprise Application > Select your application
(https://i.stack.imgur.com/5KEcs.png)
Change the value in manifest like below
(https://i.stack.imgur.com/gIn3f.png)
Create the policy using PowerShell like below:
$Policy = New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema": [{"Source":"user","ID":"customvalue","JwtClaimType":"customclaim"}]}}') -DisplayName "Demo123" -Type "ClaimsMappingPolicy"
Add-AzureADServicePrincipalPolicy -RefObjectId $Policy.Id -Id '<Service Principal ID>'
(https://i.stack.imgur.com/fepdC.png)
Generate the code and copy the code to generate the token via Postman:
https://login.microsoftonline.com/Tenant ID/v2.0/authorize?
&client_id=Client ID&response_type=code
&redirect_uri=https://jwt.ms
&response_mode=query
&scope=https://graph.microsoft.com/.default
&state=12345
(https://i.stack.imgur.com/htfsK.png)
Kindly change the value in Postman to generate the token.
(https://i.stack.imgur.com/QZSk5.png)
Copy the access token value without quotes from Postman.
(https://i.stack.imgur.com/N80kf.png)
Decode the same access token value in jwt.ms.

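The final decoding step can also be done locally. The script below is an added example, not code from the answer or from Azure AD tooling: it splits a compact JWT into header and payload the way jwt.ms does (without verifying the signature, so it is for inspection only), and reports whether the policy-mapped `customclaim` from the ClaimsMappingPolicy above actually reached the token, together with the `appid` and `tid` claims that identify which application and tenant it was issued for. The token it decodes is a constructed sample with placeholder GUIDs and a dummy signature.

```python
import base64
import json

# Claim name from the page's policy: "JwtClaimType":"customclaim".
MAPPED_CLAIM = "customclaim"


def _b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the '=' padding JWTs omit."""
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_jwt(token: str) -> tuple[dict, dict]:
    """Return (header, payload) of a compact JWT, like jwt.ms does.

    The signature is NOT checked here: use this to look at claims,
    never to decide whether to trust them.
    """
    parts = token.strip().strip('"').split(".")  # tolerate pasted quotes
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return json.loads(_b64url_decode(parts[0])), json.loads(_b64url_decode(parts[1]))


def mapped_claim_status(token: str, claim: str = MAPPED_CLAIM) -> dict:
    """Report whether the mapped claim is in the token and who it was issued for."""
    _, payload = decode_jwt(token)
    return {
        "present": claim in payload,
        "value": payload.get(claim),
        "app_id": payload.get("appid") or payload.get("azp"),
        "tenant": payload.get("tid"),
        "issuer": payload.get("iss"),
    }


# Constructed sample token (not a real Azure AD token): placeholder GUIDs,
# the mapped claim the policy should add, and a dummy signature segment.
SAMPLE_TOKEN = ".".join([
    _b64url_encode(json.dumps({"typ": "JWT", "alg": "RS256", "kid": "x"}).encode()),
    _b64url_encode(json.dumps({
        "aud": "https://graph.microsoft.com",
        "iss": "https://sts.windows.net/00000000-0000-0000-0000-000000000000/",
        "tid": "00000000-0000-0000-0000-000000000000",
        "appid": "11111111-1111-1111-1111-111111111111",
        "customclaim": "sample-value",
    }).encode()),
    "dummy-signature",
])

if __name__ == "__main__":
    print(mapped_claim_status(SAMPLE_TOKEN))
```

If `present` comes back False on a real token, the policy was not applied to the service principal the token was issued for, or the app manifest was not updated as in the step above.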