question

alvipeo avatar image
1 Vote"
alvipeo asked ·

Azure B2C optional group claims - Directory Roles - missing

I've been trying to authorize users based on their Role Directory using Azure B2C. I added Group Claim in "Token configuration (preview)", selected "Directory roles", so they should be available in both ID and Access tokens.

But when I get the token, there's no "groups" or anything like that. And my user does have a directory role assignment. What am I missing??

azure-ad-b2c
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered ·

@alvipeo Passing Claims by configuring it under "Token configuration (preview)" is currently supported only by standard Azure AD only and not by Azure AD B2C. The only way to pass specific claims in Token issued by B2C is by configuring it in User Flows or Custom Policies at this time.


Please "Accept as answer" wherever the information provided helps you to help others in the community.


· 3 ·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Mm... that's not good. What would you suggest to use for authorization then?

The only option I see is custom claims/attributes. Is there anything else?

0 Votes 0 ·

Yes, the only option available at this time is to use custom attributes passed as claims.

0 Votes 0 ·
alvipeo avatar image alvipeo amanpreetsingh-msft ·

Thank you!

0 Votes 0 ·