I am working on an intranet application where we have multiple MVC web applications authenticating against azure ad using OpenId. All works well with the first MVC application which redirects to azure login page and get the claims back. I want this information to be passed to the downstream MVC applications without the user logging again. I am not sure how to implement it in the best way. I cannot find the information here as well. It will be great help if someone shares can it be done.
Since you're using OpenID, why not just pass the access_token and id_token downstream. Those are all you need, and in fact, you do not need the id_token unless you want additional user-profile data. You can store the tokens in the browser or where ever else is convenient, and then including them in each request for a secure resource.