Parse user group information from Azure token?

0
votes

I am working with Angular JS and now I need to authenticate my application with Azure AD SSO .

Currently, I implemented same with adal-angular. Now apart of my requirement I need to parse user group information form the JWT token which I got after successful authentication(I am passing this token to my backend service and there I need to parse it)

I came to know that azure adal-angular implementation is not sending group information, reference available here.

  • 1-Is there any way to get user group information from current implementation?
  • 2-Is there any library available rather than adal-angular?
  • 3-Can I call graph API to get group information using JWT token which provided by azure adal-angular ?

Any suggestion please and thanks in advance.

1
angularjsazuresingle-sign-onazure-active-directoryadal

1 Answers

2
votes

you can set groupMembershipClaims to "SecurityGroup" or "All" in your app's manifest in AAD , then you can receive the users' group memberships in the id token (which gives you the user's name etc) . Please refer to document for more details.

Please refer to code sample :https://github.com/Azure-Samples/active-directory-angularjs-singlepageapp . To get group claims , update UserData.html to get ids of groups :

<p ng-repeat="value in userInfo.profile.groups">{{value}}</p>

Another way is getting group memberships from Microsoft Graph API :

POST https://graph.microsoft.com/v1.0/me/getMemberGroups
Content-type: application/json
Content-length: 33

{
  "securityEnabledOnly": true
}

For how to call an Azure AD protected Web API(microsoft graph in your scenario) in an AngularJS Single Page App . Please refer to code sample :https://github.com/Azure-Samples/active-directory-angularjs-singlepageapp-dotnet-webapi