I created a Azure B2C tenant and i created custom IDP for Azure Active Directory (AD). I created the user flow from B2C to federate to the Azure AD and get the access token.
Steps that i have followed.
- Created azure AD application
- Generated a secret
- Created custom roles
- Assigned custom roles to users from AD Enterprise Applications
- Created an IDP in B2C
- Created B2C app
- Created a login policy
- Added IDP for federation
- Run the user flow
- Login by federation
The azure AD successfully retrieves the token (idp_access_token
) as a result of federation. but the issue is the token that retrieve from the azure AD does not contains roles claim. I have created two app roles and assigned them to user. But i couldn't see any roles inside the token.
I followed following documentation. https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps
Isn't this not valid for federations? What is the exact way to get assigned app roles by federation.
Here is the required details to create B2C IDP.
How to map these details with scope solution?