Hi @Miguel,
Thanks for reaching out.
Define the claim as
<ClaimType Id="extension_CustomRoles">
  <DisplayName>Custom roles</DisplayName>
  <DataType>string</DataType>
</ClaimType>
Update the Technical Profile below:
- Under LocalAccountSignUpWithReadOnlyEmail (for local account sign-up flow), add
<OutputClaims>
  <OutputClaim ClaimTypeReferenceId="extension_CustomRoles" AlwaysUseDefaultValue="true" DefaultValue="user"/>
</OutputClaims>
In your TrustFrameworkExtensions file, add the claims provider below:
<ClaimsProvider>
  <DisplayName>Azure Active Directory</DisplayName>
  <TechnicalProfiles>
    <!-- Write data during a local account sign-up flow. -->
    <TechnicalProfile Id="AAD-UserWriteUsingLogonEmail">
      <PersistedClaims>
        <PersistedClaim ClaimTypeReferenceId="extension_CustomRoles"/>
      </PersistedClaims>
    </TechnicalProfile>
    <!-- Write data during a federated account first-time sign-in flow. -->
    <TechnicalProfile Id="AAD-UserWriteUsingAlternativeSecurityId">
      <PersistedClaims>
        <PersistedClaim ClaimTypeReferenceId="extension_CustomRoles"/>
      </PersistedClaims>
    </TechnicalProfile>
    <!-- Write data during edit profile flow. -->
    <TechnicalProfile Id="AAD-UserWriteProfileUsingObjectId">
      <PersistedClaims>
        <PersistedClaim ClaimTypeReferenceId="extension_CustomRoles"/>
      </PersistedClaims>
    </TechnicalProfile>
    <!-- Read data after user resets the password. -->
    <TechnicalProfile Id="AAD-UserReadUsingEmailAddress">
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="extension_CustomRoles" />
      </OutputClaims>
    </TechnicalProfile>
    <!-- Read data after user authenticates with a local account. -->
    <TechnicalProfile Id="AAD-UserReadUsingObjectId">
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="extension_CustomRoles" />
      </OutputClaims>
    </TechnicalProfile>
    <!-- Read data after user authenticates with a federated account. -->
    <TechnicalProfile Id="AAD-UserReadUsingAlternativeSecurityId">
      <OutputClaims>
        <OutputClaim ClaimTypeReferenceId="extension_CustomRoles" />
      </OutputClaims>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>
In your signup_signin (RP) file, add the output claim below:
<OutputClaims>
  <OutputClaim ClaimTypeReferenceId="extension_CustomRoles" PartnerClaimType="my_custom_roles" />
</OutputClaims>
You need to persist the extension attribute as mentioned above.
Hope this will help.
Thanks,
Shweta
Please remember to "Accept Answer" if the answer helped you.
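
A consistency check for the steps in the answer above, as an added example that is not part of the original answer or of any Microsoft tooling: it parses a policy file and reports which of the six technical profiles listed above do not reference `extension_CustomRoles` in the expected collection. The function names and the sample XML are constructed for illustration.

```python
import xml.etree.ElementTree as ET

CLAIM = "extension_CustomRoles"
# Technical profile Id -> collection that must reference the claim (per the answer above).
EXPECTED = {
    "AAD-UserWriteUsingLogonEmail": "PersistedClaims",
    "AAD-UserWriteUsingAlternativeSecurityId": "PersistedClaims",
    "AAD-UserWriteProfileUsingObjectId": "PersistedClaims",
    "AAD-UserReadUsingEmailAddress": "OutputClaims",
    "AAD-UserReadUsingObjectId": "OutputClaims",
    "AAD-UserReadUsingAlternativeSecurityId": "OutputClaims",
}

def local(tag):
    """Drop a '{namespace}' prefix so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def missing_references(policy_xml, claim=CLAIM, expected=EXPECTED):
    """Return sorted 'ProfileId/Collection' entries where the claim is not referenced."""
    found = set()
    for tp in ET.fromstring(policy_xml).iter():
        if local(tp.tag) != "TechnicalProfile":
            continue
        for coll in tp:          # PersistedClaims, OutputClaims, ...
            for item in coll:    # PersistedClaim, OutputClaim, ...
                if item.get("ClaimTypeReferenceId") == claim:
                    found.add((tp.get("Id"), local(coll.tag)))
    return sorted(f"{tp_id}/{coll}" for tp_id, coll in expected.items()
                  if (tp_id, coll) not in found)

def _profile(tp_id, coll):
    """Build one constructed TechnicalProfile element for the sample below."""
    return (f'<TechnicalProfile Id="{tp_id}"><{coll}><{coll[:-1]} '
            f'ClaimTypeReferenceId="{CLAIM}"/></{coll}></TechnicalProfile>')

# Constructed sample: the federated read profile is absent, and the password-reset
# read profile lists the claim under the wrong collection.
SAMPLE = ('<ClaimsProvider xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06">'
          "<TechnicalProfiles>"
          + _profile("AAD-UserWriteUsingLogonEmail", "PersistedClaims")
          + _profile("AAD-UserWriteUsingAlternativeSecurityId", "PersistedClaims")
          + _profile("AAD-UserWriteProfileUsingObjectId", "PersistedClaims")
          + _profile("AAD-UserReadUsingObjectId", "OutputClaims")
          + _profile("AAD-UserReadUsingEmailAddress", "PersistedClaims")
          + "</TechnicalProfiles></ClaimsProvider>")

if __name__ == "__main__":
    for gap in missing_references(SAMPLE):
        print("missing:", gap)
```

A profile that is missing from the read side means the role claim is stored but never reaches the token for that sign-in path, so the relying application sees no `my_custom_roles` value there.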