AD B2C access token claims missing when signing in multiple apps

Rafael Caviquioli 20 Reputation points
2024-03-22T15:58:40.64+00:00

Considering that applications A and B are connected to the same AD B2C tenant and using the same custom policy (b2c_1a_signinup).

Problem: When signing in to multiple applications, the second application gets an access token not containing the given_name and surname claims.

How to reproduce the problem:

  • The user is NOT logged on to apps A or B.
  • The user signs in with a Microsoft Account on app A.
  • See the user name properly in the application (in the token).
  • Open the app B URL and click on sign in. SSO takes place so the user is automatically logged in without prompting the authentication step.
  • Don't see the username in the application (token).

Notes:

  • If the user signs in to app B and then goes to app A, the problem also happens.
  • If app B gets a new token with a refresh token, the missing claims are present properly.

This problem does NOT happen with email & password accounts, only with social accounts.
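A small diagnostic for confirming the symptom described above on the two tokens, added here as an example; it is not part of the question and not Azure AD B2C code. The sample tokens and claim values are constructed, and the decoder deliberately skips signature verification because it only inspects claims; the application's normal token validation (issuer, audience, signature) still applies.

```python
import base64
import json

# The claims the report says are absent from the second application's token.
REQUIRED_CLAIMS = {"given_name", "surname"}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore padding before decoding.
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def decode_jwt_payload(token: str) -> dict:
    """Return the payload claims of a compact JWT.
    Diagnostic only: the signature is NOT verified here."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS token")
    return json.loads(_b64url_decode(parts[1]))


def missing_claims(token: str, required=REQUIRED_CLAIMS) -> set:
    """Set of required claims that are absent or empty in the token."""
    claims = decode_jwt_payload(token)
    return {c for c in required if claims.get(c) in ("", None)}


def compare_tokens(token_a: str, token_b: str) -> dict:
    """Claim names present in only one of two tokens, plus a same-user check."""
    a, b = decode_jwt_payload(token_a), decode_jwt_payload(token_b)
    return {
        "only_in_a": sorted(set(a) - set(b)),
        "only_in_b": sorted(set(b) - set(a)),
        "same_subject": a.get("sub") == b.get("sub"),
    }


def _unsigned_jwt(payload: dict) -> str:
    # Builds a constructed sample token (alg "none", empty signature) for this example.
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(payload)}."


# Constructed samples mirroring the report: same user and social idp, second token
# issued via SSO without given_name/surname.
TOKEN_APP_A = _unsigned_jwt({"sub": "user-1", "idp": "live.com", "aud": "app-a",
                             "given_name": "Rafael", "surname": "C"})
TOKEN_APP_B = _unsigned_jwt({"sub": "user-1", "idp": "live.com", "aud": "app-b"})

if __name__ == "__main__":
    print("missing in app B token:", missing_claims(TOKEN_APP_B))
    print(compare_tokens(TOKEN_APP_A, TOKEN_APP_B))
```

Run it against the real tokens captured from app A and app B (after the SSO sign-in and again after the refresh-token renewal the post mentions) to document exactly which claims differ between the two issuances.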
