OAuth2 return app_displayname in token claims

Charlie Horton 41 Reputation points


I am authenticating using an app in our Azure AD Tenant using the 'client_credentials' grant. I noticed that when I use the scope 'https://graph.microsoft.com/.default', my token claims include 'app_displayname', however, when I use a scope configured for one of our APIs I don't get that same claim, I still get the application ID through the claim 'azp', but I would like to also get the display name for the application?

Is it possible to configure this as a claim in the access token somehow?


Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,680 questions
Microsoft Graph Azure AD API
Microsoft Graph Azure AD API
A Microsoft API that queries the user's profile, finds other users, manages organizational relationships, tracks assignments, or creates original solutions that incorporate existing organizational data.
253 questions
{count} votes

Accepted answer
  1. VipulSparsh-MSFT 16,011 Reputation points

    @Charlie Horton This is possible under the Microosft.graph namespace only cannot be used for any custom app. If you have a requirement for getting any custom property for users, groups, device organization or application you can use extension property resource type to achieve that.

    For example, if an organization has a line of business (LOB) application that requires a Skype ID for each user in the directory, Microsoft Graph can be used to register a new property named skypeId on the directory’s User object, and then write a value to the new property for a specific user.

    Read more here


    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.

0 additional answers

Sort by: Most helpful