How Do I Add More Claims to the Identity Token in ADFS Using ADAL Libraries?

This may be a simple question, but I'm pretty new to ADFS. I'm using the ADAL libraries for ADFS and I'm wondering if I can get claims to show up in the short-lived identity token as opposed to the accessToken.

I have this code:

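using Microsoft.IdentityModel.Clients.ActiveDirectory;

// authority, resourceURI, clientID and clientReturnURI are defined elsewhere.
var authContext = new AuthenticationContext(authority, false);
var authResult = await authContext.AcquireTokenAsync(resourceURI, clientID, new Uri(clientReturnURI), new PlatformParameters(PromptBehavior.Auto));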

And the authResult gives me two tokens: the accessToken and the IdToken, and all the claims I've set in ADFS show up in the accessToken. But I wanted the accessToken to only include an identifier like a GUID (to keep it small), and keep information about the user (name, email, etc.) in an IdToken.

If you are using ADFS 2016, then you can look at "Customize claims to be emitted in id_token when using OpenID Connect or OAuth with AD FS 2016", as ADFS 2016 has the capability to customize the id_token for OpenID Connect scenarios. You can see these additional claims as part of the id_token using the same code to access claims.
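To check which claims ended up in which token after changing the AD FS configuration, the following added example (not code from the question, the answer, or the ADAL/AD FS projects) decodes the payload of each JWT and reports the profile claims found in it. The `TokenClaims` class, the sample payloads and the profile claim names are assumptions made for illustration; the real names depend on your issuance rules.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.Json;

static class TokenClaims   // hypothetical helper, not part of ADAL
{
    // Decode the payload (second segment) of a compact JWT into claim name/value pairs.
    // Inspection only: no signature, issuer, audience or expiry validation happens here.
    public static Dictionary<string, string> Read(string jwt)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3)
            throw new FormatException("Not a compact JWT (expected 3 segments).");
        string json = Encoding.UTF8.GetString(FromBase64Url(parts[1]));
        using var doc = JsonDocument.Parse(json);
        return doc.RootElement.EnumerateObject()
                  .ToDictionary(p => p.Name, p => p.Value.ToString());
    }

    static byte[] FromBase64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        s = s.PadRight(s.Length + (4 - s.Length % 4) % 4, '=');   // restore stripped padding
        return Convert.FromBase64String(s);
    }

    static string ToBase64Url(string text) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(text))
               .TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // Builds a constructed, unsigned token that stands in for a real one.
    static string Sample(string payloadJson) =>
        ToBase64Url("{\"alg\":\"none\"}") + "." + ToBase64Url(payloadJson) + ".";

    static void Main()
    {
        // Constructed payloads; all values are placeholders.
        string accessToken = Sample("{\"aud\":\"urn:example:api\",\"sub\":\"6f1c2a9e-0000-4000-8000-000000000001\",\"exp\":1700000000}");
        string idToken = Sample("{\"aud\":\"example-client-id\",\"sub\":\"6f1c2a9e-0000-4000-8000-000000000001\",\"email\":\"user@example.com\",\"given_name\":\"Sample\",\"exp\":1700000000}");
        string[] profile = { "email", "given_name", "family_name", "upn", "unique_name" };   // assumed names

        var inAccess = Read(accessToken).Keys.Intersect(profile).ToList();
        var inId = Read(idToken).Keys.Intersect(profile).ToList();
        Console.WriteLine("Profile claims in access token: " + (inAccess.Count == 0 ? "(none)" : string.Join(", ", inAccess)));
        Console.WriteLine("Profile claims in id_token:     " + (inId.Count == 0 ? "(none)" : string.Join(", ", inId)));
    }
}
```

With real tokens, pass `authResult.AccessToken` and `authResult.IdToken` to `TokenClaims.Read` instead of the samples. Because nothing is validated here, use the output to check configuration, not to make authorization decisions.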
