I have a rule defined that attaches a custom claim to the id_token, and it works for social logins. However, for enterprise (AD/ADFS) connectors, even though I see the rule doing its thing (via console logs), the claim apparently gets stripped back off after the rule runs.
Thanks for any insight.

Hmm, can I delete a post? My statement above is wrong.
I had one application configured for social+enterprise, and the other just enterprise, and the custom claims seemed to be working for the former but not the latter – but I didn’t try the first one with the enterprise login until just now.
So the id_token decoration is working for one app and not the other. Looking at this.

Ignore my previous two posts.
The actual issue is that if I use a responseType of ‘token id_token’ in the WebAuth API call, then the custom claim that I apply to the id token via a rule is ignored.

Thank you a lot for sharing it with the rest of the community!