I have secured my Angular 7 application by using msal.js. I've created a custom policy that returns custom claimtypes in the id_token and in the access_token. To achieve this, I've been following this tutorial: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-custom-rest-api-netfw. When I use the acquireTokenSilent() msal.js method, the JWT token does not contain the custom claims (contract, fileUploadAllowed).
When I use the "Run Now" button on the Custom Policy pane in Azure, I do receive an access_token that has the custom claims.
The payload of the JWT token thats is generated by running the policy in Azure (Changed some of the values):
{
"iss": "https://login.microsoftonline.com/guid/v2.0/",
"exp": 1548416392,
"nbf": 1548455092,
"aud": "c152h904-835a-496f-8919-e74f5013374c",
"contract": "Contract03",
"fileUploadAllowed": false,
"sub": "25a6ec11-16fd-477a-8917-e0728c69e1db",
"nonce": "defaultNonce",
"scp": "portal.read user_impersonation",
"azp": "c154c904-835a-496f-8919-e74f5087384c",
"ver": "1.0",
"iat": 1542213053
}
The payload of the JWT token (access_token) that is generated by msal.js:
{
"iss": "https://login.microsoftonline.com/guid/v2.0/",
"exp": 1548416396,
"nbf": 1548455092,
"aud": "c152h904-835a-496f-8919-e74f5013374c",
"sub": "25a6ec11-16fd-477a-8917-e0728c69e1db",
"nonce": "e6df86c9-7c19-4cb5-a4ac-1aa2a89b1951",
"scp": "portal.read user_impersonation",
"azp": "c154c904-835a-496f-8919-e74f5087384c",
"ver": "1.0",
"iat": 1542213953
}
I want to receive the custom claims in the access_token that is generated by msal.js. Does anyone know what I should do in order to make this work?
Thank you.