I have added a custom application to our active directory per MS guide here
How can I customise the claims provided in the SAML token to provide the security groups of the authenticated user. This article makes no mention of groups https://azure.microsoft.com/en-us/documentation/articles/active-directory-saml-claims-customization/
I know normally for an Azure application in AD I can alter the manifest to get it to return the security groups. However I have no experience with the SAML version. We have a very limited number of groups we care about so even boolean flag of InGroupA would work.
I am using kentor Authservices and that part is working fine but it has no claim for groups. I have attempted to make it require the attribute http://schemas.microsoft.com/ws/2008/06/identity/claims/groups however it still logs me in without token containing this claim.
Any ideas?