Reputation: 43
I need to check whether the authenticated user is present in the group or not, so we need to make a call as below:
POST https://graph.windows.net/myorganization/isMemberOf?api-version
Content-Type: application/json
{ "groupId": "5e624f44-d38d-4943-b07c-2bad078f52ff",
"memberId": "ea59e4d3-a7a1-4b5b-b65f-a25fcc0c0f99" }
Where do we get the memberId from in this.adalService.userInfo after the user is authenticated? Below is the response I got; is there any property in it that corresponds to the memberId?
Upvotes: 0
Views: 396
Reputation: 58898
It's definitely the user's object id. In this case it is the oid claim. In your image: this.adalService.userInfo.profile.oid.
More info on claims in ID tokens can be found here: https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-token-and-claims#idtokens
oid (Object ID): Contains a unique identifier of an object in Azure AD. This value is immutable and cannot be reassigned or reused. Use the object ID to identify an object in queries to Azure AD.
That function can be used to check group membership for users, groups, contacts or service principals. In all cases the memberId should be the objectId of the corresponding object.
Though it seems you are receiving member groups in the groups claim, why not use that?
Upvotes: 1
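Both options from the answer above, as an added example that is not part of the original posts: it takes the oid claim as the memberId and answers from the groups claim when the token carries one, otherwise it produces the isMemberOf request body. The helper names planMembershipCheck and requireGuid are hypothetical, profile stands for adalService.userInfo.profile, and the sample claims are constructed from the IDs in the question.

```javascript
// Added example. `profile` stands for the decoded ID-token claims that
// adal-angular exposes as adalService.userInfo.profile.
const GUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Reject missing or malformed IDs before they reach a directory query.
function requireGuid(value, label) {
  if (typeof value !== "string" || !GUID.test(value)) {
    throw new Error(label + " is missing or not a GUID");
  }
  return value.toLowerCase();
}

// Decide membership from the token's groups claim when it is present;
// otherwise return the isMemberOf request body to send to the directory.
function planMembershipCheck(profile, groupId) {
  const wanted = requireGuid(groupId, "groupId");
  const memberId = requireGuid(profile && profile.oid, "oid claim");
  if (Array.isArray(profile.groups)) {
    // GUIDs compare case-insensitively, so normalise before matching.
    const member = profile.groups.some(g => String(g).toLowerCase() === wanted);
    return { decided: true, member, memberId };
  }
  // No groups claim in this token: the caller must ask the directory.
  return { decided: false, memberId, request: { groupId: wanted, memberId } };
}

// Constructed sample claims, reusing the IDs from the question.
const GROUP = "5e624f44-d38d-4943-b07c-2bad078f52ff";
const withGroups = {
  oid: "ea59e4d3-a7a1-4b5b-b65f-a25fcc0c0f99",
  groups: ["5E624F44-D38D-4943-B07C-2BAD078F52FF"],
};
const withoutGroups = { oid: "ea59e4d3-a7a1-4b5b-b65f-a25fcc0c0f99" };

console.log(planMembershipCheck(withGroups, GROUP));
console.log(planMembershipCheck(withoutGroups, GROUP));
// Claims read in the browser only drive what the UI shows; an API that
// protects data must validate the token and check membership itself.
```

When decided is false, the request object is the JSON body for the isMemberOf POST shown in the question.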