Reputation: 11
Are email, address, and phone scope types supported in AdalJS/openid/oauth2?
I am using the AdalJS v1.0.8 library to authorize users against an Azure AD endpoint, and was wondering if the &scope types for email, address, and phone are supported in AdalJS/openid/oauth2.
My authorization endpoint URL:
https://login.microsoftonline.com/{tenant id}/oauth2/authorize?response_type=id_token&client_id={client id}&redirect_uri={my redirect uri}&state=2af81ff1-89ca-4f23-825d-ca29177c3df5&client-request-id=2f82e417-630b-4318-88ed-c35103046249&x-client-SKU=Js&x-client-Ver=1.0.7&nonce=4c03cbca-03b2-4a53-acc6-1177f499969a&prompt=login&scope=openid+profile+email+address+phone
After the login page appears and the user enters their credentials, the token comes back successfully and I can see the user's profile object when calling AuthenticationContext.getCachedUser(). However, I do not see email, address, or phone information being returned even though these scope types are requested in the &scope query string parameter.
Upvotes: 1
Views: 142
Answers (1)
Reputation: 141662
Look inside the profile object. You might find the additional information in there.
{
"sub": "248289761001",
"name": "Jane Doe",
"given_name": "Jane",
"family_name": "Doe",
"preferred_username": "j.doe",
"email": "[email protected]",
"picture": "http://example.com/janedoe/me.jpg"
}
Upvotes: 0
Related Questions
- Azure Static web app - Custom Identity Auth with Azure AD
- OpenIdConnect Behaviour Visual Studio vs Azure
- Get token for OAuth2 protected API in PowerShell
- Consent prompt does not ask for all permissions which are set in AD App after moving to v2.0 authority
- Azure smartcard auth
- Azure AD Easy Auth expires with CORS Error
- ADAL.js not working in Microsoft personal account