This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 63%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Hello Team
I am using custom policies to enable Multi-tenant AD on a B2C tenant following this flow.
I am getting this [kindly see the picture below].
However, I want the custom policy to fetch the email or upn attribute from user's Azure AD and add it as "emails" in the token. The idea is to provide this token to the application [Dynamics 365] so that it will recognize the email account and thus map the signed user account with corresponding Dynamics 365 contacts. Thanks for your effort.
I found the answer.
It seems I need to add this to trustframeworkextension.xml under ClaimProviders -->ClaimProvider [for e.g. AAD] - TechnicaProfiles -OutputCliams element
<OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="email" />