I have an ADFS 4.0 OpenId Connect setup with Application Group "Web browser accessing a web application". I'm using implicit flow and able to successfully login from my web app receiving id_token and access_token.

Next I'm using the access token in requests sent from the web app to the API server. What I want to do is customize the access token format - add additional params, because by default I only have: aud, iss, iat, exp, apptype, appid, authmethod, urn, auth_time, ver, scp. I need the 'sub' param to put the logged-in username in the access token, and some additional params for my API server/resource server to perform custom security logic before giving access to a resource.

How can I customize the access token in this flow in the ADFS 4.0?

1 Answer

OK, managed to do it by editing the web application properties (open Application Groups, double-click the application group, double-click the Web application).

On the 'Issuance Transform Rules' tab I added rules to pass claims from AD, like group or name, and those claims now appear in the access token.
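The same change can be scripted instead of clicked through in the MMC. The following is an added example, not code from the question or answer above: it uses the AD FS PowerShell cmdlets `Get-AdfsWebApiApplication` / `Set-AdfsWebApiApplication` to attach two issuance transform rules to the Web API (the relying party that the access token is issued for). The identifier `https://api.example.test/` is a placeholder for your own application's identifier; the claim type URIs and the `Active Directory` attribute store are the standard AD FS ones. The first rule looks up UPN and group membership from AD for the authenticated Windows account; the second issues that UPN as the `sub` claim the question asks for.

```powershell
# Added example (not from the original post). Assumes the AD FS PowerShell
# module is loaded and you are running on an AD FS 4.0 (Windows Server 2016) server.
# Placeholder: replace with the identifier of your own Web API application.
$apiIdentifier = 'https://api.example.test/'

# Issuance transform rules in the AD FS claim rule language.
# Rule 1: for the authenticated Windows account, query AD for the UPN and the
#         user's group SIDs and issue them as claims.
# Rule 2: copy the UPN into an OIDC-style "sub" claim so the resource server gets
#         a stable username. Everything else in the token is still minted by AD FS.
$rules = @'
@RuleName = "Query AD for UPN and groups"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
                   "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"),
          query = ";userPrincipalName,tokenGroups;{0}",
          param = c.Value);

@RuleName = "Issue sub from UPN"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"]
 => issue(Type = "sub", Value = c.Value);
'@

# Show the current rule set before replacing it, so the change can be reviewed/rolled back.
$app = Get-AdfsWebApiApplication -Identifier $apiIdentifier
Write-Host "Existing issuance transform rules for $($app.Name):"
Write-Host $app.IssuanceTransformRules

# Apply the new rule set to the Web API application.
Set-AdfsWebApiApplication -TargetIdentifier $apiIdentifier -IssuanceTransformRules $rules

# Re-read and confirm the rules took effect.
(Get-AdfsWebApiApplication -Identifier $apiIdentifier).IssuanceTransformRules
```

Two practical points for the resource server that consumes these claims: it must still validate the token signature against the AD FS signing certificate and check `iss`, `aud` and `exp` before acting on `sub` or the group claims, since the claims are only as trustworthy as the token they arrive in; and issuing `tokenGroups` for users in many groups can make the bearer token large enough to break header-size limits on proxies, so consider filtering to the specific groups your authorization logic needs.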