One of my projects, where we display the group claims from Azure AD, is failing because the user is part of a huge number of groups. Is there a way to check if the logged-in user is part of a specific group and display / filter the group claim to show only specific groups?
- Hi, did you check my answer? If it's helpful, you can mark it accepted. Thank you. If you have any further concerns, please let me know. – Allen Wu Oct 02 '20 at 05:24
- Hi, I want to achieve this using Identity Experience Framework policies and want to check if a user belongs to a particular group. – Sandesh Segu Oct 02 '20 at 15:17
- I know that you want to use a custom policy. You need to create a REST function to retrieve a user’s group memberships using the Graph API. See the reference here: https://mrochon.azurewebsites.net/2019/05/06/using-groups-in-azure-ad-b2c/. As I suggested in my answer, you need to filter by id directly with the Graph API or filter by group name in your own code. – Allen Wu Oct 06 '20 at 05:05
1 Answer
If you are using the Microsoft Graph API to get the group claim, you can filter by the group id like this:
https://graph.microsoft.com/v1.0/users/{user id}/memberOf?$filter=id eq '{group id}'
Obviously this requires you to know the group id in advance. Filtering by group name is not supported.
You can also get all the groups with https://graph.microsoft.com/v1.0/users/{user id}/memberOf and filter by group name in your own code. Then return the filtered result in the group claim.

Allen Wu
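The second approach in the answer above (fetch every membership, then filter by name in your own code), sketched as an added example that is not part of the original answer. The function names, the allow-list and the two-page sample response are constructed for illustration; `fetch_page` stands in for an authenticated Graph GET that returns the decoded JSON body.

```python
# Added example: constructed data, no network access.
GRAPH_MEMBER_OF = "https://graph.microsoft.com/v1.0/users/{user_id}/memberOf"

def filter_group_claim(user_id, allowed_names, fetch_page, max_pages=50):
    """Return the sorted display names of the user's groups found in allowed_names.

    fetch_page(url) -> dict is a hypothetical callable performing the Graph call.
    Any exception it raises propagates, so no partial claim is ever emitted.
    """
    allowed = set(allowed_names)
    matched = set()
    url = GRAPH_MEMBER_OF.format(user_id=user_id)
    pages = 0
    while url:
        pages += 1
        if pages > max_pages:
            # Users in a huge number of groups span many pages; bound the loop.
            raise RuntimeError("memberOf paging exceeded max_pages")
        page = fetch_page(url)
        for obj in page.get("value", []):
            # memberOf also returns non-group objects such as directory roles.
            if obj.get("@odata.type") != "#microsoft.graph.group":
                continue
            if obj.get("displayName") in allowed:
                matched.add(obj["displayName"])
        url = page.get("@odata.nextLink")  # absent on the last page
    return sorted(matched)

# Constructed two-page response for a hypothetical user "u1".
PAGE1 = GRAPH_MEMBER_OF.format(user_id="u1")
PAGE2 = PAGE1 + "?$skiptoken=CONSTRUCTED"
SAMPLE_PAGES = {
    PAGE1: {"@odata.nextLink": PAGE2, "value": [
        {"@odata.type": "#microsoft.graph.group", "id": "g-1", "displayName": "App-Readers"},
        {"@odata.type": "#microsoft.graph.directoryRole", "id": "r-1", "displayName": "App-Admins"},
        {"@odata.type": "#microsoft.graph.group", "id": "g-2", "displayName": "Unrelated-Team"},
    ]},
    PAGE2: {"value": [
        {"@odata.type": "#microsoft.graph.group", "id": "g-3", "displayName": "App-Writers"},
    ]},
}

def sample_fetch(url):
    return SAMPLE_PAGES[url]

if __name__ == "__main__":
    print(filter_group_claim("u1", {"App-Readers", "App-Writers", "App-Admins"}, sample_fetch))
```

Only the allow-listed names reach the claim, so its size stays bounded however many groups the user belongs to.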