0
votes

I would like to add additional claims for my Azure AD (ADAL) connected C# Web application.

  1. I've tried adding a new policy in PowerShell (per https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-claims-mapping#claims-mapping-policy-assignment) and rerunning the application. The same claims show (no more, no less).

  2. Is there a way to add the manager field? I did not see it in this list (https://docs.microsoft.com/mt-mt/azure/active-directory/develop/active-directory-claims-mapping?view=azurermps-6.9.0)

Below are the PowerShell cmdlets I tried:

# Create the claims-mapping policy: emit the user's department as "role" and extensionattribute1 as "userdata", on top of the basic claim set
New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema": [{"Source":"user","ID":"department","JwtClaimType":"role"},{"Source":"user","ID":"extensionattribute1","JwtClaimType":"userdata"}]}}') -DisplayName "CustomClaimsPolicy" -Type "ClaimsMappingPolicy"

# Assign the policy to the application's service principal (-Id is the service principal object id, -RefObjectId the policy id returned above)
Add-AzureADServicePrincipalPolicy -Id { Principal Object Id } -RefObjectId { Policy Id }

In C#, I pull the claims as follows:

var claims = User.Claims.Select(claim => new { claim.Type, claim.Value }).ToArray();
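To tell whether a claims-mapping policy is actually taking effect, the useful check is on the token itself rather than on the C# claims collection: decode the JWT payload and compare it against the JwtClaimType values the policy promises. The script below is an added diagnostic, not code from the question or from Microsoft; it reuses the policy JSON posted above verbatim and runs against a constructed, unsigned sample token that carries only the basic claim set (the situation the question describes). It decodes without verifying the signature, which is fine for inspection but must never be used for authorization. One documented requirement worth checking alongside this: an application that receives tokens with mapped claims must be configured to accept them (acceptMappedClaims in the app manifest or a custom signing key), otherwise the mapped claims are not emitted.

```python
import base64
import json

# Claims-mapping policy definition exactly as posted in the question.
POLICY_DEFINITION = (
    '{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", '
    '"ClaimsSchema": [{"Source":"user","ID":"department","JwtClaimType":"role"},'
    '{"Source":"user","ID":"extensionattribute1","JwtClaimType":"userdata"}]}}'
)


def expected_jwt_claims(policy_definition: str) -> dict:
    """Return {JwtClaimType: (Source, ID)} for every entry in the policy's ClaimsSchema."""
    policy = json.loads(policy_definition)["ClaimsMappingPolicy"]
    return {
        entry["JwtClaimType"]: (entry["Source"], entry["ID"])
        for entry in policy.get("ClaimsSchema", [])
    }


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore the padding before decoding.
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_jwt_payload(token: str) -> dict:
    """Parse the payload of a compact JWS WITHOUT verifying its signature.

    Diagnostic use only (which claims did the issuer emit?); never make an
    authorization decision on a payload decoded this way.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected header.payload.signature)")
    return json.loads(_b64url_decode(parts[1]))


def missing_mapped_claims(token: str, policy_definition: str) -> list:
    """Names of claims the policy promises that are absent from the token payload."""
    present = decode_jwt_payload(token)
    expected = expected_jwt_claims(policy_definition)
    return sorted(name for name in expected if name not in present)


def build_sample_token(payload: dict) -> str:
    """Constructed, unsigned (alg=none) token used only as offline test input."""
    header = _b64url_encode(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    body = _b64url_encode(json.dumps(payload).encode())
    return f"{header}.{body}."


# Constructed sample payload: basic claim set only, i.e. what the question reports seeing.
SAMPLE_TOKEN = build_sample_token({
    "aud": "00000000-0000-0000-0000-000000000000",
    "iss": "https://sts.windows.net/00000000-0000-0000-0000-000000000000/",
    "name": "Sample User",
    "upn": "sample.user@example.com",
    "ver": "1.0",
})

if __name__ == "__main__":
    for claim, (source, attr) in expected_jwt_claims(POLICY_DEFINITION).items():
        print(f"policy maps {source}.{attr} -> {claim}")
    # With the sample token this reports ['role', 'userdata']: the policy is not being applied.
    print("missing mapped claims:", missing_mapped_claims(SAMPLE_TOKEN, POLICY_DEFINITION))
```

Replace SAMPLE_TOKEN with the raw id_token or access token your application received; if the mapped claim names come back as missing while the policy is assigned, the problem is on the issuing side (policy assignment, the app's acceptance of mapped claims, or the attribute not being populated on the user), not in how the C# code reads User.Claims.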

1 Answer

0
votes

I can reproduce your issue on my side: the PowerShell works fine, but when I check the user attributes in the portal, they do not exist. It seems to be a bug (not sure; if I did something wrong, please correct me). You could open an issue on GitHub; remember the feature is in preview.


Is there a way to add the manager field? I did not see it in this list

It seems you could not do that; see this known issue: Email address not being passed and Manager ID not available to be mapped.