Tags: azure-active-directory, claims, azure-ad-msal

Is it possible to add onprem_sid claim to AAD Identity Token obtained via AAD v2 endpoint?


I've got a SPA application that uses MSAL to obtain an identity token for a user authenticating against our AAD. We have a one-way sync from our on-prem AD to our AAD and the on-prem SID is stored in the AAD.

When I was using ADAL to obtain a token, I actually received the on-prem SID as part of the identity token; however, that changed when switching to MSAL.

I'm curious if there is some way to add the on-prem SID claim to the token returned from the v2 endpoint?


Solution

  • AFAIK, Azure AD V2.0 doesn't support issuing the custom claim at present. You can send a feature request to the Azure AD Feedback Forum.
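
To confirm which endpoint issued an ID token and whether it carries `onprem_sid`, the payload can be decoded and inspected in the SPA. This is an added example, not code from the original post. It assumes the `ver` claim ("1.0" or "2.0") that Azure AD puts in its tokens, and the function names and sample tokens are constructed for illustration.

```javascript
// Decode a JWT payload WITHOUT verifying it. Inspection only: the token
// must still be signature-validated before any claim in it is trusted.
function decodeJwtPayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  // base64url -> base64, then restore padding
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), c => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Report the token version and whether the on-prem SID claim is present.
function checkOnPremSid(idToken) {
  const claims = decodeJwtPayload(idToken);
  const sid = typeof claims.onprem_sid === 'string' ? claims.onprem_sid : null;
  return {
    version: claims.ver ?? 'unknown', // assumed Azure AD version claim
    hasOnPremSid: sid !== null,
    onPremSid: sid,
  };
}

// Helper that builds constructed, unsigned sample tokens (fake values).
function makeSampleToken(claims) {
  const enc = obj => btoa(JSON.stringify(obj))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.constructed-signature`;
}

// Constructed sample: what the question describes receiving via ADAL.
const v1Sample = makeSampleToken({
  ver: '1.0',
  onprem_sid: 'S-1-5-21-1111111111-2222222222-3333333333-1001',
});
// Constructed sample: what the question describes receiving via MSAL.
const v2Sample = makeSampleToken({ ver: '2.0' });

console.log(checkOnPremSid(v1Sample));
console.log(checkOnPremSid(v2Sample));
```
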