Custom claims in ID Token

%3CLINGO-SUB%20id%3D%22lingo-sub-2369622%22%20slang%3D%22en-US%22%3ECustom%20claims%20in%20ID%20Token%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2369622%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20there%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20looking%20for%20a%20way%20to%20return%20custom%20claims%20in%20user%20JWT%20(ID%20tokens).%20values%20inside%20custom%20claim%20object%20will%20be%20read%20from%20user%20profile.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EEx%3A%20user%20profile%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-javascript%22%3E%3CCODE%3E%7B%0A%20%20%22name%22%3A%20%22Shubham%22%2C%0A%20%20%22email%22%3A%20%22email%40example.com%22%2C%0A%20%20%22address%22%3A%20%22address1%2C%20city%2C%20country%22%2C%0A%20%20%22licenses%22%3A%20%5B%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%22number%22%3A%20%22123456789%22%2C%0A%20%20%20%20%20%20%22key%22%3A%20%22ey1234556hyuutt667%22%0A%20%20%20%20%7D%2C%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%22number%22%3A%20%22123456710%22%2C%0A%20%20%20%20%20%20%22key%22%3A%20%22ey1234556hyuutt667%22%0A%20%20%20%20%7D%0A%20%20%5D%0A%7D%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Euser%20JWT%20we%20expect%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-javascript%22%3E%3CCODE%3E%7B%0A%20%20%22https%3A%2F%2Fqlik.com%2Fclaims%2Flicenses%22%3A%20%5B%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%22number%22%3A%20%22123456789%22%2C%0A%20%20%20%20%20%20%22key%22%3A%20%22ey1234556hyuutt667%22%0A%20%20%20%20%7D%2C%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%22number%22%3A%20%22123456710%22%2C%0A%20%20%20%20%20%20%22key%22%3A%20%22ey1234556hyuutt667%22%0A%20%20%20%20%7D%0A%20%20%5D%2C%0A%20%20%22name%22%3A%20%22Shubham%20Goyal%22%2C%0A%20%20%22updated_at%22%3A%20%222021-05-19T19%3A03%3A28.104Z%22%2C%0A%20%20%22email%22%3A%20%22example%40email.com%22%2C%0A%20%20%22email_verified%22%3A%20true%2C%0A%20%20%22sub%22%3A%20%22user_id%22%2C%0A%7D%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EQuestions%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20we%20achieve%20this%20via%20Admin%20UI%3F%20If%20not%20what%20kind%20of%20config%20change%2Fcode%20change%20we%20need%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20in%20advance%20for%20your%20help.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2369622%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EID%20Tokens%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Euser%20JWT%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Frequent Visitor

Hi there,

 

I am looking for a way to return custom claims in user JWT (ID tokens). values inside custom claim object will be read from user profile.

 

Ex: user profile 

 

{
  "name": "Shubham",
  "email": "email@example.com",
  "address": "address1, city, country",
  "licenses": [
    {
      "number": "123456789",
      "key": "ey1234556hyuutt667"
    },
    {
      "number": "123456710",
      "key": "ey1234556hyuutt667"
    }
  ]
}

 

 

user JWT we expect:

 

{
  "https://qlik.com/claims/licenses": [
    {
      "number": "123456789",
      "key": "ey1234556hyuutt667"
    },
    {
      "number": "123456710",
      "key": "ey1234556hyuutt667"
    }
  ],
  "name": "Shubham Goyal",
  "updated_at": "2021-05-19T19:03:28.104Z",
  "email": "example@email.com",
  "email_verified": true,
  "sub": "user_id",
}

 

 

 

Questions:

 

Can we achieve this via Admin UI? If not what kind of config change/code change we need?

 

Thanks in advance for your help.

 

0 Replies