
How to access and filter groups in JWT token using Azure AD?

.NET Core application. I am returning a JWT token which returns all the groups. I have the below configuration in the manifest.

"groupMembershipClaims": "SecurityGroup",
"optionalClaims": {
    "idToken": [],
    "accessToken": [
        {
            "name": "groups",
            "source": null,
            "essential": false,
            "additionalProperties": []
        }
    ]
},

Currently users have 100 or 200 groups. So I want to return groups via the Graph API. Along with that, I want to return only groups whose name starts with AP. May I know if this is possible? Any help in this regard is appreciated. Thanks

Currently not possible. If users have more than 200 groups, they won't be in the token. In those cases you have to query for the group memberships via Graph API.

If you only have a few groups that you care about, you can query for the members of those groups and see if the user is in them. It depends a bit on the data whether it is faster to get the user's groups or to get the members of the groups you care about.

You can also assign users/groups to roles in your application, if that is the purpose of these checks.

You can configure the associated enterprise app registration to filter groups that will be included in the claim. Group Filtering
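
An added example (not part of the original answers) of the overage case described above: it detects that Azure AD left `groups` out of the token and builds the Microsoft Graph query for only the groups whose name starts with a prefix. It assumes the token has already been validated by the JWT middleware and carries an `oid` claim; `fetch` is a hypothetical caller-supplied HTTP helper. The `groups` claim configured above carries object IDs rather than names, so the name filter is applied on the Graph side.

```python
import base64
import json
from urllib.parse import quote

GRAPH = "https://graph.microsoft.com/v1.0"

def jwt_claims(token):
    """Decode the payload of a token the JWT middleware has ALREADY validated."""
    seg = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))

def groups_overage(claims):
    """True when Azure AD omitted the groups claim because there were too many."""
    if "groups" in claims:
        return False
    names = claims.get("_claim_names") or {}
    return "groups" in names or claims.get("hasgroups") is True

def graph_groups_request(oid, prefix):
    """URL and headers for: groups of user `oid` whose displayName starts with `prefix`."""
    literal = quote(prefix.replace("'", "''"), safe="")  # OData escapes ' by doubling it
    url = (f"{GRAPH}/users/{quote(oid, safe='')}/transitiveMemberOf/microsoft.graph.group"
           f"?$count=true&$select=id,displayName&$filter=startswith(displayName,'{literal}')")
    # A $filter on this relationship is an advanced query: it needs $count and this header.
    return url, {"ConsistencyLevel": "eventual"}

def groups_with_prefix(claims, prefix, fetch):
    """Return {group id: displayName}. `fetch(url, headers) -> dict` is a hypothetical
    caller-supplied HTTP GET that adds the Graph bearer token and parses the JSON body."""
    url, headers = graph_groups_request(claims["oid"], prefix)
    found = {}
    while url:
        if not url.startswith(GRAPH + "/"):  # never send the bearer token to another host
            raise ValueError("unexpected nextLink host")
        page = fetch(url, headers)
        for group in page.get("value", []):
            name = group.get("displayName") or ""
            if name.lower().startswith(prefix.lower()):  # defensive re-check of the filter
                found[group["id"]] = name
        url = page.get("@odata.nextLink")  # Graph pages large result sets
    return found
```

The endpoint listed under `_claim_sources` is deliberately ignored here; the lookup goes to Microsoft Graph using the `oid` from the token.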
