I see that Active Directory can be used to authenticate users that are (indirectly) calling Azure Functions.
Let's pretend that I have implemented a database table called projects and I have a one-to-one relationship between users and projects.
My goal is to implement an Azure Function that fetches user-specific data such that authenticated users could not snoop around in another authenticated user's data (i.e. users are isolated from each other).
(2) How could I tell Azure Active Directory to give me a JWT token with a custom claim in it that I could pass to the Azure Function, which could in turn extract a suitable primary key to the projects table?
Or perhaps there is a better way?