When using a C# script the claims in the http-request and the Claims function argument are useless (as far as I can tell) and to get the real claims you have fetch the authorization header yourself and call new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler..ReadJwtToken(string) yourself to get the claims.
It took me a long time to figure this out but it works.
Can anyone tell me what those bogus claims are in the http-request for the C# script and why I don't get the real claims that contain my city, state, zip etc..?
HOWEVER, when using System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler..ReadJwtToken(string) inside of a compiled C# azure function, it fails to deploy in spite of all our efforts to make it deploy (it is not copied to the "publish" directory for a compiled C# azure function). However, System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ReadJwtToken(string) deploys and works fine from a blazorserver windows webapp! Why is this?
HOWEVER, after struggling with this for weeks I discovered it is not necessary to call System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ReadJwtToken(string) inside the compiled C# function app because the http-request object (and the injected claims argument) has my claims and I can see my name, city, zip code etc. when I send them back to the caller.
Wow! This has been a very painful and unpleasant experience.
Siegfried