Azure AD - How to add mobile phone number to OpenID response

Question

Hi, I am integrating the login from my web application with Azure AD by OpenId protocol. Regarding the flow:

1. User logs in our application through Azure SSO.
2. Application gets mobile phone from Azure to prepopulate it in the profile.

I tried different solutions. I do not see that I can add "mobile_phone" in "Optional claims" of "Token configuration" section, as with "given_name", for example. Also, I know that it is possible using Microsoft.Graph SDK. But I cannot use OnBehalfOfCredential, because application does not have access to client secret.

Could you please help with solution?

Thanks in advance.

Regards, Vladyslav

Answer 1

Hi @Vladyslav Boiko , unfortunately adding the mobile phone number as an optional claim in the token configuration section is not currently supported. However, you can use the Graph API to retrieve the user's mobile phone number and prepopulate it in the profile.

Since your application does not have access to the client secret, you can use the on-behalf-of flow to obtain an access token for the Microsoft Graph API. This flow allows your application to exchange the user's access token for an access token that can be used to call the Microsoft Graph API.

1. When the user logs in through Azure SSO, your application receives an access token for the user.
2. Your application sends a request to the Microsoft Graph API to retrieve the user's profile information, including the mobile phone number.
3. The Graph API returns the user's profile information, including the mobile phone number.
4. Your application prepopulates the mobile phone number in the user's profile.

Please let me know if you have any questions and I can help you further.

If this answer helps you please mark "Accept Answer" so other users can reference it.

Thank you,

James