Adding Azure Ad Oauth2 JWT Token Claims

I'm just wondering if there is a way to add or specify custom claims for the Azure AD OAuth2 JWT token through the Azure Portal? Or is this only possible from the code side?

2 answers

As far as I know, Azure AD does not support issuing custom claims at this time.

As a workaround, we can use the Azure AD Graph to add directory schema extensions. After that, we can use Azure AD Graph to read the extension data and add a custom claim when the security token is validated, as in the code below:

app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions
    {
        ClientId = clientId,
        Authority = authority,
        PostLogoutRedirectUri = postLogoutRedirectUri,
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            AuthenticationFailed = context =>
            {
                context.HandleResponse();
                context.Response.Redirect("/Error?message=" + context.Exception.Message);
                return Task.FromResult(0);
            },
            SecurityTokenValidated = context =>
            {
                // The id_token has already been validated at this point; you can use
                // the Azure AD Graph to read the custom data extension here and add
                // its values to the claims of the application identity.
                context.AuthenticationTicket.Identity.AddClaim(
                    new System.Security.Claims.Claim("AddByMe", "test"));
                return Task.FromResult(0);
            }
        }
    });


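An added example (not code from the answer above) of the step the answer leaves as a comment: after the id_token has been validated, look the user up in Azure AD Graph by the immutable oid/tid claims and copy each directory schema extension value into the application's ClaimsIdentity. It assumes the app has already acquired an access token for https://graph.windows.net (graphAccessToken, e.g. via ADAL client credentials) and uses Newtonsoft.Json for parsing.

```csharp
using System;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;

public static class ExtensionClaims
{
    private static readonly HttpClient Http = new HttpClient();

    // Azure AD Graph names extension properties extension_<appId without dashes>_<name>.
    private const string ExtensionPrefix = "extension_";

    // Call from SecurityTokenValidated with context.AuthenticationTicket.Identity.
    // graphAccessToken (assumed) is an app token for https://graph.windows.net.
    public static async Task AddDirectoryExtensionClaimsAsync(
        ClaimsIdentity identity, string graphAccessToken)
    {
        // Key the lookup on the immutable object id and tenant id from the
        // already-validated token, never on mutable values such as upn or email.
        string oid = identity.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier")?.Value;
        string tid = identity.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid")?.Value;
        if (string.IsNullOrEmpty(oid) || string.IsNullOrEmpty(tid))
            throw new InvalidOperationException("Validated token lacks oid/tid claims.");

        var request = new HttpRequestMessage(HttpMethod.Get,
            $"https://graph.windows.net/{tid}/users/{oid}?api-version=1.6");
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", graphAccessToken);

        using (HttpResponseMessage response = await Http.SendAsync(request))
        {
            response.EnsureSuccessStatusCode();
            JObject user = JObject.Parse(await response.Content.ReadAsStringAsync());

            // Copy every populated extension_* property into the identity.
            foreach (JProperty p in user.Properties()
                .Where(p => p.Name.StartsWith(ExtensionPrefix, StringComparison.Ordinal)
                            && p.Value.Type != JTokenType.Null))
            {
                // Claim type = attribute name without the extension_<appId>_ prefix.
                string claimType = p.Name.Substring(p.Name.IndexOf('_', ExtensionPrefix.Length) + 1);
                identity.AddClaim(new Claim(claimType, p.Value.ToString(),
                    ClaimValueTypes.String, "graph.windows.net"));
            }
        }
    }
}
```

The claims added this way exist only in the application's own session identity; the id_token issued by Azure AD is unchanged, so downstream APIs must not expect to find them in the token.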


Source: https://habr.com/ru/post/1670722/

