Add custom claims from an AzureAD ID-Token to the Auth0 user profile
Auth0 user profiles based on AzureAD identities only include standard OIDC claims. Any custom claims that are included in the ID-Token from AzureAD are discarded.
This behavior is different from other connection types (like the OIDC connection), which take custom claims from the external identity and include them in the Auth0 profile.
Among other uses, our current use-case is a situation where we are trying to automatically map an external identity (in AzureAD) to a user account in our database. The only reliable value we have available for some of our customers is an “employee id”, which is not a standard claim, and therefore is completely unavailable to us after switching to Auth0.
Some of our customers require that we use the AzureAD Common Endpoint, which is not supported by the Auth0 OIDC connection, so we cannot change connection type to work around this.