应用新的Azure AD策略后未显示声明 [英] Claims not showing after applying new Azure AD Policy
问题描述
我想为我的Azure AD(ADAL)连接的C#Web应用程序添加其他声明.
I would like to add additional claims for my Azure AD (ADAL) connected C# Web application.
I've tried adding a new policy in PowerShell (per https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-claims-mapping#claims-mapping-policy-assignment) and rerunning the application. The same claims show (no more, no less).
Is there a way to add the manager field. I did not see it in this list (https://docs.microsoft.com/mt-mt/azure/active-directory/develop/active-directory-claims-mapping?view=azurermps-6.9.0)
下面是我尝试过的PowerShell Cmdlet:
Below is the PowerShell Cmdlets I tried:
New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema": [{"Source":"user","ID":"department","JwtClaimType":"role"},{"Source":"user","ID":"extensionattribute1","JwtClaimType":"userdata"}]}}') -DisplayName "CustomClaimsPolicy" -Type "ClaimsMappingPolicy"
Add-AzureADServicePrincipalPolicy -Id { Principal Object Id } -RefObjectId { Policy Id }
在C#中,我按如下方式提出要求:
In C#, I pull the claims as follows:
var claims = User.Claims.Select(claim => new { claim.Type, claim.Value }).ToArray();
推荐答案
我可以重现您的问题,PowerShell可以正常工作,但是我检查了门户网站中的user attributes
,它们不存在.这似乎是错误(不确定,如果我做错了,请纠正我),您可以在Github中打开一个问题,请记住该功能处于预览状态.
I can reproduce your issue on my side, the powershell works fine, but I check the user attributes
in the portal, they are not existing. It seems to be bug(not sure, if I do something wrong, please correct me), you could open an issue in the Github, remember the feature is in preview.
是否有添加管理员字段的方法.我没有在此列表中看到它
Is there a way to add the manager field. I did not see it in this list
您似乎无法做到这一点,请参见以下已知问题:电子邮件地址不正确通过,并且经理ID无法映射.
It seems you could not do that, see this known isse : Email address not being passed and Manager ID not available to be mapped .
这篇关于应用新的Azure AD策略后未显示声明的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!