How to get group information as part of claims in JWT token?

Tetopa Kundeti 1 Reputation point
2021-03-05T04:49:01.197+00:00

How to get group information as part of claims in JWT token?

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. AmanpreetSingh-MSFT 56,861 Reputation points Moderator
    2021-03-05T07:48:33.967+00:00

    Hi @Tetopa Kundeti · Thank you for reaching out.

    For this purpose, you need to navigate to Azure AD > App Registration, open the app that you want to configure the token for, and use the option below:

    [Image: 74742-image.png]

    If you configure group information to be passed in the access token, the parameters below get added in the application manifest:

    "optionalClaims": {  
        "accessToken": [{  
            "name": "groups",  
            "additionalProperties": ["dns_domain_and_sam_account_name"]  
        }]  
    }  
    

    If you configure group information to be passed in the ID token, the parameters below are added:

    "optionalClaims": {  
        "idToken": [{  
            "name": "groups",  
            "additionalProperties": ["netbios_domain_and_sam_account_name", "emit_as_roles"]  
        }]  
    }
    

    You can directly add these parameters in the Manifest as well.

    Read more: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-fed-group-claims

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
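
Added example, not part of the original answer and not Microsoft's code: a Python sketch of how an API can read the group values that the manifest settings above place in a token, including the case where `emit_as_roles` moves them to the `roles` claim and the overage case where Microsoft Entra ID leaves the list out and sets `_claim_names` or `hasgroups` instead. It assumes signature, issuer and audience validation happen elsewhere; the function names, sample tokens and group values are constructed for illustration.

```python
import base64
import json

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def sample_token(claims: dict) -> str:
    """Build a constructed, unsigned token so the example runs offline."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}.constructed"

def unverified_claims(token: str) -> dict:
    """Decode the payload for inspection only. This does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWT with three segments")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(payload))

def group_info(claims: dict, emit_as_roles: bool = False) -> dict:
    """Report where group membership sits in the claims and whether the list is complete."""
    if "groups" in (claims.get("_claim_names") or {}) or claims.get("hasgroups"):
        # Overage: groups were left out of the token and must be looked up in the directory.
        return {"source": "overage", "groups": [], "complete": False}
    # With emit_as_roles the group values arrive in "roles" instead of "groups".
    key = "roles" if emit_as_roles else "groups"
    value = claims.get(key)
    if not isinstance(value, list):
        # No claim at all: membership is unknown, which is not the same as "no groups".
        return {"source": "absent", "groups": [], "complete": False}
    return {"source": key, "groups": [str(v) for v in value], "complete": True}

def is_member(claims: dict, group: str, emit_as_roles: bool = False) -> bool:
    """Fail closed: only a complete list can grant membership."""
    info = group_info(claims, emit_as_roles)
    return info["complete"] and group in info["groups"]

# Constructed sample tokens (not real tenant data).
ACCESS = sample_token({"sub": "user-1", "groups": ["corp.example.com\\Finance-Readers"]})
ID_AS_ROLES = sample_token({"sub": "user-1", "roles": ["CORP\\Finance-Readers"]})
OVERAGE = sample_token({"sub": "user-1", "_claim_names": {"groups": "src1"}})

if __name__ == "__main__":
    cases = [("access", ACCESS, False), ("id", ID_AS_ROLES, True), ("overage", OVERAGE, False)]
    for name, tok, as_roles in cases:
        print(name, group_info(unverified_claims(tok), as_roles))
```

In a real API, pass `group_info` the claims returned by a JWT library after it has verified the token, and resolve the overage case with a directory lookup before making an authorization decision.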

