This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 99%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Good afternoon MS team,
I am writing you because I am looking for information on how to add custom claims when the application is generating JWT token, but I can't add them to the AccessToken, but I can see them in the IDToken, .
Questions:
Can I configure custom claims in my AccessToken by adding test2, mytest, t2020, etc? Is this option possible? if so, how?
I have been reading these links but to no success:
Thoughts?, insights?,
Thanks a lot
Cheers,
Moisés.
To issue your custom claims in an access token you need to use your app registration as the OAuth2 resource. Eg. /authorize? client_id=APP_ID&scope=APP_ID/.default
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Thank you for posting this in Microsoft Q&A.
You can add custom attributes to the claims and send it within an access token.
You can follow the steps mentioned below:
New-AzureADPolicy -Definition @('{
"ClaimsMappingPolicy": {
"Version": 1,
"IncludeBasicClaimSet": "true",
"ClaimsSchema": [{
"Source": "user",
"ID": "test2",
"JwtClaimType": "test2"
},
{
"Source": "user",
"ID": "mytest",
"JwtClaimType": "mytest"
},
{
"Source": "user",
"ID": "t2020",
"JwtClaimType": " t2020"
},
{
"Source": "user",
"ID": "tetttteeesss",
"JwtClaimType": " tetttteeesss"
}
]
}
}') -DisplayName "CustomClaimsPolicy1" -Type "ClaimsMappingPolicy"
Attach the newly created AzureADPolicy to a specific AzureAD App's Serviceprincipal for which the token would be requested for.
Add-AzureADServicePrincipalPolicy -Id {object id of service principal} -RefObjectId {object id of policy}
To check if the policy is successfully added to the ServicePrincipal or not:
Get-AzureADServicePrincipalPolicy -Id "{object id of service principal}"
Let me know if you have any further questions.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Apologies for getting back to you late, I will try it and I will keep you posted with the result.
Thank you!