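Adding the on_premise_sam_account attribute to JWT claims in Azure AD

Time: 2019-09-26 19:33:51

Tags: jwt azure-active-directory

I have been trying to get onpremisessamaccountname returned in my id token, but I can't seem to get the syntax or the right approach. I have tried the following: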

"optionalClaims": {
    "idToken": [
        {
            "name": "onprem_sam_account_name",
            "source": "user",
            "essential": true,
            "additionalProperties": []
        }
    ],

"optionalClaims": {
    "idToken": [
        {
            "name": "onprem_sam_account_name",
            "source": "user.onpremsamaccountname",
            "essential": true,
            "additionalProperties": []
        }
    ],

"optionalClaims": {
    "idToken": [
        {
            "name": "onprem_sam_account_name",
            "source": "user.onprem_sam_account_name",
            "essential": true,
            "additionalProperties": []
        }
    ],

1 answer:

Answer 0: (score: 0)

onprem_sam_account_name is part of the restricted claim set in Azure AD. You cannot add it as an optional claim in the token.

Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-claims-mapping#table-1-json-web-token-jwt-restricted-claim-set
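As an added example (not part of the original answer and not Microsoft tooling), a small linter for the manifest's optionalClaims block that flags the two problems visible in the attempts above: the claim the answer identifies as restricted, and a source value other than null or "user". The restricted list holds only the claim named on this page; the function name lint_optional_claims and the sample manifest are constructed for illustration.

```python
import json
import re

# Partial list: only the claim named in the answer above. The full restricted
# set is Table 1 of the Microsoft documentation the answer links to.
RESTRICTED_CLAIMS = {"onprem_sam_account_name"}

# In optionalClaims, "source" is null (predefined claim) or "user" (directory
# extension attribute, named extension_<appid without hyphens>_<attribute>).
EXTENSION_NAME = re.compile(r"^extension_[0-9a-fA-F]{32}_\w+$")


def lint_optional_claims(manifest_json):
    """Return a list of (token_type, claim_name, problem) tuples."""
    manifest = json.loads(manifest_json)
    findings = []
    for token_type, claims in (manifest.get("optionalClaims") or {}).items():
        for claim in claims or []:
            name = claim.get("name", "")
            source = claim.get("source")
            if name in RESTRICTED_CLAIMS:
                findings.append((token_type, name, "restricted claim"))
            if source not in (None, "user"):
                findings.append((token_type, name, "invalid source %r" % source))
            elif source == "user" and not EXTENSION_NAME.match(name):
                findings.append((token_type, name,
                                 "source 'user' needs an extension_<appid>_<attr> name"))
    return findings


# Constructed sample manifest: two of the attempts from the question plus one
# predefined optional claim ("upn") that should pass.
SAMPLE_MANIFEST = """
{
  "optionalClaims": {
    "idToken": [
      {"name": "onprem_sam_account_name", "source": "user", "essential": true},
      {"name": "onprem_sam_account_name", "source": "user.onpremsamaccountname", "essential": true},
      {"name": "upn", "source": null, "essential": false}
    ],
    "accessToken": [],
    "saml2Token": null
  }
}
"""

if __name__ == "__main__":
    for finding in lint_optional_claims(SAMPLE_MANIFEST):
        print("%s: %s: %s" % finding)
```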