You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/develop/active-directory-jwt-claims-customization.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,5 @@
1
1
---
2
-
title: Customize JSON Web Token (JWT) claims
2
+
title: Customize app JSON Web Token (JWT) claims
3
3
description: Learn how to customize the claims issued by Microsoft identity platform in the JSON web token (JWT) token for enterprise applications.
4
4
services: active-directory
5
5
author: davidmu1
@@ -13,15 +13,15 @@ ms.author: davidmu
13
13
ms.custom: aaddev
14
14
---
15
15
16
-
# Customize JSON Web Token (JWT) claims
16
+
# Customize claims issued in the JSON web token (JWT) for enterprise applications
17
17
18
18
The Microsoft identity platform supports single sign-on (SSO) with most enterprise applications, including both applications pre-integrated in the Azure AD app gallery and custom applications. When a user authenticates to an application through the Microsoft identity platform using the OIDC protocol, the Microsoft identity platform sends a token to the application. And then, the application validates and uses the token to log the user in instead of prompting for a username and password.
19
19
20
-
These JSON Web tokens (JWT) used by OIDC applications contain pieces of information about the user known as *claims*. A *claim* is information that an identity provider states about a user inside the token they issue for that user.
20
+
These JSON Web tokens (JWT) used by OIDC & OAuth applications contain pieces of information about the user known as *claims*. A *claim* is information that an identity provider states about a user inside the token they issue for that user.
21
21
22
-
## Create or edit attributes and claims
22
+
In an [OIDC response](https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc), *claims* data is typically contained in the ID Token issued by the identity provider in the form of a JWT.
23
23
24
-
In an [OIDC response](https://en.wikipedia.org/wiki/OpenID), *claims* data is typically contained in the ID Token issued by the identity provider in the form of a JWT. For more information about OIDC claims, see [Microsoft identity platform ID tokens](id-tokens.md).
24
+
## View or edit claims
25
25
26
26
Besides [optional claims](active-directory-optional-claims.md), you can view, create or edit the attributes and claims issued in the OIDC token to the application. To edit claims, open the application in Azure portal through the Enterprise Applications experience. Then select **Single sign-on** blade in the left-hand menu and open the **Attributes & Claims** section.
27
27
@@ -96,7 +96,7 @@ You can use the following functions to transform claims.
96
96
97
97
If you need other transformations, submit your idea in the [feedback forum in Azure AD](https://feedback.azure.com/d365community/forum/22920db1-ad25-ec11-b6e6-000d3a4f0789) under the *SaaS application* category.
98
98
99
-
## RegexReplace() transformations
99
+
## How to use the RegexReplace() Transformation
100
100
101
101
:::image type="content" source="./media/active-directory-jwt-claims-customization/regexreplace-trasform.png" alt-text="Screenshot of multiple claims transformation.":::
0 commit comments