Roles Missing on Access Token

CUI 6 Reputation points

We have an API app set up under one tenant (Tenant A) with a role "test". I then have a demo app set up under a different tenant (Tenant B), and added that role under Tenant B's app (screenshot below). However, when I make a call to oauth2/v2.0/token using the client_credentials flow, the JWT does not contain a roles property. Is it possible to pass roles in my current configuration? I was able to access the roles in the JWT when "demo app" was set up under Tenant A.


Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. Sreeju Nair 11,856 Reputation points

    One of the options is to use App Roles in your application. Refer to the following URL

    Another option is to get the security groups of the signed-in user. Refer to the following sample

    Hope this helps
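
Added example, not part of the original question or answer: a Python helper that decodes an access token's payload and reports whether the `roles` claim and the issuing tenant (`tid`) match what the API expects, which is the check the question describes doing by hand. The tenant id, audience and sample tokens are constructed placeholders, and the helper does not verify the signature, so it is for diagnosis only.

```python
import base64
import json


def decode_claims(token: str) -> dict:
    """Return the payload claims of a JWT WITHOUT verifying its signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 dot-separated segments)")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, UnicodeDecodeError) as exc:
        raise ValueError(f"payload is not base64url-encoded JSON: {exc}") from exc
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def diagnose_roles(token: str, required_role: str, expected_tid: str) -> list:
    """List reasons the token would fail a role check; an empty list means it passes."""
    claims = decode_claims(token)
    problems = []
    if claims.get("tid") != expected_tid:
        problems.append(f"tid is {claims.get('tid')!r}, expected {expected_tid!r}")
    roles = claims.get("roles")
    if roles is None:
        problems.append("no 'roles' claim in token")
    elif not isinstance(roles, list) or required_role not in roles:
        problems.append(f"role {required_role!r} not in roles {roles!r}")
    return problems


def make_sample_token(claims: dict) -> str:
    """Build an unsigned sample token (constructed test data, not a real Entra token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


# Constructed placeholders standing in for Tenant B and the API from the question.
TENANT_B = "tenant-b-id-placeholder"
WITH_ROLE = make_sample_token({"aud": "api://demo-api", "tid": TENANT_B, "roles": ["test"]})
WITHOUT_ROLE = make_sample_token({"aud": "api://demo-api", "tid": TENANT_B})

if __name__ == "__main__":
    for name, tok in (("with role", WITH_ROLE), ("without role", WITHOUT_ROLE)):
        print(name, "->", diagnose_roles(tok, "test", TENANT_B) or "ok")
```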