Skip to content

Commit 3dc2ef4

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #208581 from xuehongg/mybranch6
clarify array value is not supported for OAuth claims
2 parents 23a6440 + a8243d8 commit 3dc2ef4

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

articles/logic-apps/logic-apps-securing-a-logic-app.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ services: logic-apps
55
ms.suite: integration
66
ms.reviewer: estfan, rarayudu, azla
77
ms.topic: how-to
8-
ms.date: 05/01/2022
8+
ms.date: 08/19/2022
99
ms.custom: ignite-fall-2021
1010
---
1111

@@ -663,10 +663,10 @@ In the [Azure portal](https://portal.azure.com), add one or more authorization p
663663

664664
![Provide information for authorization policy](./media/logic-apps-securing-a-logic-app/set-up-authorization-policy.png)
665665

666-
| Property | Required | Description |
667-
|----------|----------|-------------|
668-
| **Policy name** | Yes | The name that you want to use for the authorization policy |
669-
| **Claims** | Yes | The claim types and values that your logic app accepts from inbound calls. The claim value is limited to a [maximum number of characters](logic-apps-limits-and-config.md#authentication-limits). Here are the available claim types: <p><p>- **Issuer** <br>- **Audience** <br>- **Subject** <br>- **JWT ID** (JSON Web Token identifier) <p><p>At a minimum, the **Claims** list must include the **Issuer** claim, which has a value that starts with `https://sts.windows.net/` or `https://login.microsoftonline.com/` as the Azure AD issuer ID. For more information about these claim types, review [Claims in Azure AD security tokens](../active-directory/azuread-dev/v1-authentication-scenarios.md#claims-in-azure-ad-security-tokens). You can also specify your own claim type and value. |
666+
| Property | Required | Type | Description |
667+
|----------|----------|------|-------------|
668+
| **Policy name** | Yes | String | The name that you want to use for the authorization policy |
669+
| **Claims** | Yes | String | The claim types and values that your workflow accepts from inbound calls. Here are the available claim types: <br><br>- **Issuer** <br>- **Audience** <br>- **Subject** <br>- **JWT ID** (JSON Web Token identifier) <br><br>Requirements: <br><br>- At a minimum, the **Claims** list must include the **Issuer** claim, which has a value that starts with `https://sts.windows.net/` or `https://login.microsoftonline.com/` as the Azure AD issuer ID. <br>- Each claim must be a single string value, not an array of values. For example, you can have a claim with **Role** as the type and **Developer** as the value. You can't have a claim that has **Role** as the type and the values set to **Developer** and **Program Manager**. <br>- The claim value is limited to a [maximum number of characters](logic-apps-limits-and-config.md#authentication-limits). <br><br>For more information about these claim types, review [Claims in Azure AD security tokens](../active-directory/azuread-dev/v1-authentication-scenarios.md#claims-in-azure-ad-security-tokens). You can also specify your own claim type and value. |
670670
|||
671671

672672
1. To add another claim, select from these options:

0 commit comments

Comments
 (0)