iss: is part of the token verification and not typically considered a claim. you can map to user principal claims as a custom claim:
using transformation:
public class IssuerClaimsTransformation : IClaimsTransformation
{
public Task<ClaimsPrincipal> TransformAsync(ClaimsPrincipal principal)
{
var claimType = "issuer";
if (!principal.HasClaim(claim => claim.Type == claimType))
{
var issuer = principal.Claims.First().Issuer;
var claimsIdentity = new ClaimsIdentity();
claimsIdentity.AddClaim(new Claim(claimType, issuer));
principal.AddIdentity(claimsIdentity);
}
return Task.FromResult(principal);
}
}
and register:
builder.Services.AddTransient<IClaimsTransformation, IssuerClaimsTransformation>();