With Entra ID "Custom claims provider" it seems to be possible to add claims to the Access Token.
https://learn.microsoft.com/en-us/entra/identity-platform/custom-extension-get-started
Is it also possible to add claims to ID token and UserInfo endpoint?
Yes, it's possible to add custom claims to the ID token using the Entra ID "Custom claims provider". But for the /userinfo endpoint, it's not possible, as it returns only specific claims.
In my case, I followed the same document and created one Function App with an HTTP Trigger function by editing the code, and got its function URL:
Now, I configured one custom authentication extension named Token issuance event and added the function URL here:
In Azure AD, I registered one application, enabled the implicit flow options and changed the below properties in the Manifest tab:
Then I assigned a custom claims provider to the application by adding claims like this:
In the Function App, I added Microsoft as an identity provider in the Authentication tab:
To test the application, I ran the below authorization request in a browser and got an ID token with custom claims successfully like this:
https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/authorize?client_id={AppID}&response_type=id_token&redirect_uri=https://jwt.ms&scope=openid&state=12345&nonce=12345
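For reference, here is an added example (not the answerer's code and not Microsoft's sample) of the logic an HTTP trigger function behind such a custom authentication extension implements: it checks that the incoming call is a TokenIssuanceStart event and returns the claims in the response shape the custom claims provider expects. The event and action type strings follow the Microsoft documentation; the `buildClaimsResponse` name and the user-to-claims lookup table are constructed for this example.

```javascript
// Constructed lookup: object id of the signed-in user -> extra claims to issue.
// In a real deployment this would come from a directory or database, not a literal.
const EXTRA_CLAIMS_BY_USER = {
  "11111111-1111-1111-1111-111111111111": {
    dateOfBirth: "01/01/2000",
    customRoles: ["Writer", "Editor"],
  },
};

const CALLOUT_TYPE = "microsoft.graph.onTokenIssuanceStartCalloutData";
const RESPONSE_TYPE = "microsoft.graph.onTokenIssuanceStartResponseData";
const ACTION_TYPE = "microsoft.graph.tokenIssuanceStart.provideClaimsForToken";

// Builds the JSON body the custom claims provider must return. Throws on a
// malformed or unexpected event so nothing is issued for a request we do not understand.
function buildClaimsResponse(body) {
  const data = body && body.data;
  if (!data || data["@odata.type"] !== CALLOUT_TYPE) {
    throw new Error("unexpected event type; only TokenIssuanceStart is handled");
  }
  const user = data.authenticationContext && data.authenticationContext.user;
  if (!user || typeof user.id !== "string") {
    throw new Error("missing authenticationContext.user.id");
  }
  // Unknown users get an empty claim set: the token is still issued, just without extras.
  const claims = EXTRA_CLAIMS_BY_USER[user.id] || {};
  return {
    data: {
      "@odata.type": RESPONSE_TYPE,
      actions: [{ "@odata.type": ACTION_TYPE, claims }],
    },
  };
}

// Azure Functions (v4 Node.js model) wiring, guarded so the file also runs outside the
// Functions host. The Function App's built-in authentication (Microsoft identity provider,
// as configured in the answer above) rejects callers that are not Entra ID before this runs.
if (typeof require === "function") {
  try {
    const { app } = require("@azure/functions");
    app.http("onTokenIssuanceStart", {
      methods: ["POST"],
      authLevel: "anonymous",
      handler: async (request) => {
        try {
          return { jsonBody: buildClaimsResponse(await request.json()) };
        } catch (e) {
          return { status: 400, jsonBody: { error: e.message } };
        }
      },
    });
  } catch (e) { /* @azure/functions not installed: library use only */ }
}
```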