I'm using the authorization flow supported in ADFS 3.0 in the following way,
However, the access token is missing the user identity and MyService is unable to identify the user.
The access token has the following JWT information.
{
  "aud": "urn:relying:party:trust:identifier",
  "iss": "http://ms.cloud.com/adfs/services/trust",
  "iat": 1452875046,
  "exp": 1452878646,
  "auth_time": "2016-01-15T15:35:20.248Z",
  "authmethod": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
  "ver": "1.0",
  "appid": "my-app"
}
Can someone inform me as to how MyService can identify the user once it gets the access token from ADFS?
Claim rules in the relying party trust need to define the claims to be sent as part of the JWT token. Once we added the claim rules for email, name, etc., the information was added to the JWT access token.
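The following is an added example (not code from the question, the answer, or ADFS itself) showing what the resource side, MyService in the question, should do with the access token: verify the signature, issuer, audience and lifetime, and only then look for a user identity claim. It is built on the claim set shown in the question, which contains no identity claim, and on the same claims after email/UPN claim rules have been added. It assumes an HS256 shared secret purely so it runs offline with the standard library; a real ADFS 3.0 token is RS256-signed with the token-signing certificate, and the claim names `upn`, `email`, `unique_name` and `sub` are the usual JWT short names ADFS emits rather than anything stated on the page.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo secret. ADFS signs with RS256 (token-signing certificate);
# HS256 is used here only to keep the example self-contained.
SECRET = b"constructed-demo-secret"

# Values taken from the token shown in the question.
EXPECTED_AUD = "urn:relying:party:trust:identifier"
EXPECTED_ISS = "http://ms.cloud.com/adfs/services/trust"

# Claims exactly as the question shows them: no user identity at all.
PAGE_CLAIMS = {
    "aud": EXPECTED_AUD,
    "iss": EXPECTED_ISS,
    "iat": 1452875046,
    "exp": 1452878646,
    "auth_time": "2016-01-15T15:35:20.248Z",
    "authmethod": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
    "ver": "1.0",
    "appid": "my-app",
}

# Assumed JWT short names ADFS uses once identity claim rules are configured.
IDENTITY_CLAIMS = ("upn", "email", "unique_name", "sub")


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_token(claims: dict) -> str:
    """Stand-in for the STS: produce a compact JWT over the given claims."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = _b64url(json.dumps(header).encode()) + "." + _b64url(json.dumps(claims).encode())
    sig = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def validate_token(token: str, now: Optional[int] = None) -> dict:
    """Resource-side checks MyService must do before trusting any claim."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h, p, s = parts
    header = json.loads(_b64url_decode(h))
    # Pin the algorithm; never let the token choose how it is verified.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(SECRET, (h + "." + p).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(p))
    if claims.get("iss") != EXPECTED_ISS:
        raise ValueError("wrong issuer")
    if claims.get("aud") != EXPECTED_AUD:
        raise ValueError("wrong audience")
    now = int(time.time()) if now is None else now
    if not (claims.get("iat", 0) <= now < claims.get("exp", 0)):
        raise ValueError("token expired or not yet valid")
    return claims


def identify_user(claims: dict) -> Optional[str]:
    """Return the first identity claim present, or None when the STS sent none."""
    for name in IDENTITY_CLAIMS:
        if claims.get(name):
            return claims[name]
    return None


if __name__ == "__main__":
    # Fix "now" inside the token's lifetime so the 2016 timestamps validate.
    now = 1452876000
    print(identify_user(validate_token(sign_token(PAGE_CLAIMS), now)))  # None
    with_rules = dict(PAGE_CLAIMS, upn="alice@example.com", email="alice@example.com")
    print(identify_user(validate_token(sign_token(with_rules), now)))  # alice@example.com
```

The point of `identify_user` returning `None` is that MyService should refuse the request in that case rather than fall back to `appid`, which identifies the client application, not the person. On the ADFS side the missing claims come from a relying party trust issuance rule; the "Send LDAP Attributes as Claims" template maps attributes such as `mail` and `userPrincipalName` to the email and UPN claim types, which is what the answer refers to as adding claim rules for email and name.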