preferred_username claim from Azure AD v2 endpoint not available in the HttpContext.User.Identity.Claims collection
I have tried to set the default claim mapping off using the following line of code, and this shows all the other claims that AAD sends in the id_token, but preferred_username is still not there.
JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
How can I get the value of preferred_username in the claims collection?
Issue Analytics
- State:
- Created 4 years ago
- Comments:9 (4 by maintainers)
Top GitHub Comments
After analyzing the problem using this sample, we were expecting the preferred_username to be in the bearer token, but it is not since the bearer token is the access token acquired on the client side. The access token doesn’t have the claim preferred_username, thus we won't see it in the claims collection as expected.
I am closing this issue because the result is as expected.
Hi @TiagoBrenck - nothing has changed except that oid, sub, and tid claim types are no longer mapped to default claim types, which is as expected. The preferred_username claim is still there and accessible via HttpContext.User.Identity.Name.
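The behaviour described in the two comments above, reproduced with System.Security.Claims alone, as an added example that is not code from the issue or the library. It assumes the name claim type is configured as preferred_username; the helper names, claim values and tenant/object ids are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

static class PreferredUsernameDemo
{
    // Builds an identity from already-validated token claims: one Claim per
    // token claim, with nameType deciding which claim Identity.Name returns.
    // (Hypothetical helper; the "Bearer" and "roles" values are assumptions.)
    static ClaimsIdentity FromToken((string Type, string Value)[] tokenClaims, string nameType) =>
        new ClaimsIdentity(
            tokenClaims.Select(c => new Claim(c.Type, c.Value)),
            authenticationType: "Bearer",
            nameType: nameType,
            roleType: "roles");

    static void Report(string label, ClaimsIdentity id)
    {
        string raw = id.FindFirst("preferred_username")?.Value ?? "<absent>";
        Console.WriteLine($"{label}: preferred_username={raw}, Identity.Name={id.Name ?? "<null>"}");
    }

    static void Main()
    {
        // Constructed sample claims, not captured from a real tenant.
        var idToken = new[]
        {
            ("oid", "00000000-0000-0000-0000-000000000001"),
            ("tid", "00000000-0000-0000-0000-000000000002"),
            ("preferred_username", "alice@contoso.example"),
        };
        // Same user, but the access token carries no preferred_username.
        var accessToken = new[]
        {
            ("oid", "00000000-0000-0000-0000-000000000001"),
            ("tid", "00000000-0000-0000-0000-000000000002"),
            ("scp", "access_as_user"),
        };
        Report("id_token", FromToken(idToken, "preferred_username"));
        Report("access_token", FromToken(accessToken, "preferred_username"));

        // preferred_username is mutable, so key authorization and data lookups
        // on tid + oid, which are present in both tokens.
        var api = FromToken(accessToken, "preferred_username");
        Console.WriteLine($"stable user key: {api.FindFirst("tid")?.Value}/{api.FindFirst("oid")?.Value}");
    }
}
```

When the identity is built from a token that lacks the claim, both the claims lookup and Identity.Name come back empty, so code on the API side needs a null check rather than an assumption that a username is always present.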