How to add onpremisesImmutableId to Identity Platform access token?

Koltsov Maksim 1 Reputation point
2021-06-29T13:52:58.66+00:00

Hi,

We are using Azure Active Directory with Azure AD Connect and the MS Identity Platform for the OIDC/OAuth2 protocol. Currently we get the oid claim in the access token, and this id is equal to the user id in the Azure portal. However, it is not equal to the id in our local AD, which is synced to Azure.

It is possible to retrieve our local id by using the Graph API /user endpoint, via the onpremisesImmutableId field.

Is there a way to put this field into the JWT Access Token as well?

Microsoft Graph
Microsoft Entra ID

1 answer

Deva-MSFT 2,266 Reputation points Microsoft Employee
2021-07-01T09:15:36.777+00:00

You may want to try the following Graph API call for the AAD user: https://graph.microsoft.com/v1.0/users?$filter=onPremisesImmutableId+eq+'{id}'
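
As an added example (not part of the question or of the Microsoft answer above), the following Python script shows the lookup the answer suggests end to end: read the oid from an access token your API has already validated, fetch that user from Graph with a $select on onPremisesImmutableId, check that the object Graph returns really is the token's oid, and convert the ImmutableId back into the on-premises objectGUID. It also builds the $filter query from the answer with the value correctly quoted for OData. Assumptions: the tenant uses the Azure AD Connect default sourceAnchor, so onPremisesImmutableId is the base64 of the objectGUID's 16 raw bytes; a Graph token for the calling app is obtained separately; and names such as resolve_onprem_guid, user_by_oid_url, make_unsigned_test_token and the constructed sample values are the example's own, not anything from the page. The JWT handling here only parses the payload and performs no signature, issuer, audience or expiry validation.

```python
"""Map the oid claim in an Entra ID access token to the user's on-premises
objectGUID via Microsoft Graph's onPremisesImmutableId (added example)."""
import base64
import json
import urllib.parse
import urllib.request
import uuid

GRAPH = "https://graph.microsoft.com/v1.0"


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore padding before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def oid_from_access_token(token: str) -> str:
    """Read the oid claim from a JWT payload.

    This parses only. It does NOT validate the signature, issuer, audience or
    expiry: call it on a token your API has already validated.
    """
    _header, payload, _signature = token.split(".")
    claims = json.loads(_b64url_decode(payload))
    return claims["oid"]


def immutable_id_to_guid(immutable_id: str) -> str:
    """With the Azure AD Connect default sourceAnchor, onPremisesImmutableId is the
    base64 of the objectGUID's 16 raw bytes, stored mixed-endian as AD keeps them."""
    raw = base64.b64decode(immutable_id, validate=True)
    if len(raw) != 16:
        # A custom sourceAnchor (e.g. mS-DS-ConsistencyGuid with other content or
        # a string attribute) would not be a GUID; do not guess.
        raise ValueError("ImmutableId is not a 16-byte objectGUID")
    return str(uuid.UUID(bytes_le=raw))


def guid_to_immutable_id(guid: str) -> str:
    """Inverse of immutable_id_to_guid, e.g. to build the $filter from an AD objectGUID."""
    return base64.b64encode(uuid.UUID(guid).bytes_le).decode("ascii")


def user_by_oid_url(oid: str) -> str:
    return (f"{GRAPH}/users/{oid}"
            "?$select=id,userPrincipalName,onPremisesSyncEnabled,onPremisesImmutableId")


def users_by_immutable_id_url(immutable_id: str) -> str:
    # OData string literal: double any embedded single quote, then URL-encode.
    literal = immutable_id.replace("'", "''")
    flt = urllib.parse.quote(f"onPremisesImmutableId eq '{literal}'", safe="")
    return f"{GRAPH}/users?$filter={flt}&$select=id,onPremisesImmutableId"


def graph_get(url: str, graph_token: str) -> dict:
    """Real Graph call; the graph_token is the app's own Graph token, not the API token."""
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {graph_token}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def resolve_onprem_guid(api_token: str, graph_token: str, fetch=graph_get) -> dict:
    """Token oid -> Graph user -> on-prem objectGUID (None for cloud-only accounts)."""
    oid = oid_from_access_token(api_token)
    user = fetch(user_by_oid_url(oid), graph_token)
    if user.get("id") != oid:
        # Defensive: never trust an object that is not the one the token names.
        raise ValueError("Graph returned a different object than the token's oid")
    if not user.get("onPremisesSyncEnabled") or not user.get("onPremisesImmutableId"):
        return {"oid": oid, "onprem_guid": None}
    return {"oid": oid, "onprem_guid": immutable_id_to_guid(user["onPremisesImmutableId"])}


def make_unsigned_test_token(claims: dict) -> str:
    """Constructed test token (alg none, empty signature) for exercising the parser offline."""
    def enc(d: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}."


if __name__ == "__main__":
    # Constructed sample: a token for a synced user whose objectGUID is 01020304-...
    sample_oid = "11111111-2222-3333-4444-555555555555"
    token = make_unsigned_test_token({"oid": sample_oid, "aud": "api://example"})
    canned = {"id": sample_oid, "onPremisesSyncEnabled": True,
              "onPremisesImmutableId": guid_to_immutable_id("01020304-0506-0708-090a-0b0c0d0e0f10")}
    print(resolve_onprem_guid(token, "graph-token", fetch=lambda url, tok: canned))
    print(users_by_immutable_id_url(canned["onPremisesImmutableId"]))
```

The `fetch` parameter exists only so the flow can be exercised without network access; in production leave the default `graph_get` and supply a Graph token acquired for the calling application. The GUID conversion uses `uuid.UUID(bytes_le=...)` because AD serialises the first three GUID fields little-endian, which is why a naive `uuid.UUID(bytes=...)` on the decoded ImmutableId gives the wrong GUID string.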

