How to add roles claim in access_token , currently it is coming in id_token?

debanka

I am following Authentication code flow with PKCE and my Identity provider is Azure Active Directory. I have created an App, "client-app", from App Registrations. In the manifest I have added appRoles like the following.

"appRoles": [
    {
      "allowedMemberTypes": [
        "User"
      ],
      "displayName": "StoreGroupManager",
      "id": "47fbb575-859a-4941-89c9-0f7a6c30beac",
      "isEnabled": true,
      "description": "Consumer apps have access to the consumer data.",
      "value": "StoreGroupManager"
    }
  ]

I am assigning this role StoreGroupManager to Users. Now when I follow the Authorization code flow with PKCE and obtain the id_token, refresh token and access_token, I can see that the id_token has a roles claim but the access_token does not. I need to have the roles claim in the access_token. Is this possible? The following is the decoded id_token.


juunas

Roles will be in the access token if the app registration for the API that the access token is for defines those roles and they are assigned to the user. So if you use the same app registration for the client and API, they should be there. But if you have separate app registrations for the client and API, you will need to define the role in both apps and assign the user to it on both of them as well.
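An API-side check of the distinction made in this answer, added here as an example and not part of the original question or answer: the app ids and the unsigned tokens are constructed placeholders, and a real resource server must also verify the token signature against the tenant's signing keys before trusting any claim.

```python
import base64
import json

# Placeholder identifiers (assumed, not from the original post).
API_APP_ID = "api://00000000-0000-0000-0000-000000000001"   # aud of the API's access token
CLIENT_APP_ID = "00000000-0000-0000-0000-000000000002"      # aud of the client's id_token


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_unsigned_jwt(claims: dict) -> str:
    """Build a JWT-shaped string with an empty signature, for offline illustration only."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}."


def decode_claims(token: str) -> dict:
    """Decode the payload segment. Signature verification is deliberately omitted here."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)
    return json.loads(base64.urlsafe_b64decode(payload))


def authorize(token: str, required_role: str):
    """API-side check: only an access token issued for this API carries roles we may act on."""
    claims = decode_claims(token)
    if claims.get("aud") != API_APP_ID:
        return False, "token not issued for this API (wrong aud)"
    if required_role not in claims.get("roles", []):
        return False, f"missing role {required_role}"
    return True, "ok"


# Constructed samples of the three tokens the answer describes.
# 1. id_token: addressed to the client app; its roles come from the client registration.
ID_TOKEN = make_unsigned_jwt({"aud": CLIENT_APP_ID, "roles": ["StoreGroupManager"]})
# 2. access_token when the API registration defines StoreGroupManager and assigns the user.
ACCESS_TOKEN_WITH_ROLE = make_unsigned_jwt({"aud": API_APP_ID, "roles": ["StoreGroupManager"]})
# 3. access_token when the API registration lacks the role or the assignment: no roles claim.
ACCESS_TOKEN_NO_ROLE = make_unsigned_jwt({"aud": API_APP_ID, "scp": "access_as_user"})

if __name__ == "__main__":
    for name, tok in [("id_token", ID_TOKEN), ("access_token+role", ACCESS_TOKEN_WITH_ROLE),
                      ("access_token-no-role", ACCESS_TOKEN_NO_ROLE)]:
        print(name, authorize(tok, "StoreGroupManager"))
```

The id_token is rejected on audience even though it carries the role, which is why putting roles on the API's app registration (or sharing one registration) is the fix rather than forwarding the id_token to the API.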
