OAuth2 return app_displayname in token claims

Charlie Horton 46 Reputation points


I am authenticating using an app in our Azure AD Tenant using the 'client_credentials' grant. I noticed that when I use the scope 'https://graph.microsoft.com/.default', my token claims include 'app_displayname', however, when I use a scope configured for one of our APIs I don't get that same claim, I still get the application ID through the claim 'azp', but I would like to also get the display name for the application?

Is it possible to configure this as a claim in the access token somehow?


Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,414 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,597 questions
{count} votes

Accepted answer
  1. VipulSparsh-MSFT 16,256 Reputation points Microsoft Employee

    @Charlie Horton This is possible under the Microosft.graph namespace only cannot be used for any custom app. If you have a requirement for getting any custom property for users, groups, device organization or application you can use extension property resource type to achieve that.

    For example, if an organization has a line of business (LOB) application that requires a Skype ID for each user in the directory, Microsoft Graph can be used to register a new property named skypeId on the directory’s User object, and then write a value to the new property for a specific user.

    Read more here


    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.

0 additional answers

Sort by: Most helpful