Dungeon Hunter
Reputation: 20603
Avoiding Personal information in the JWT Token issued by Azure AD
I have been using OpenID Connect workflow with azure active directory and getting the ID token which in turn is a JWT. Decoding the JWT token i can see few personal information attributes (PII) such as firstname, lastname and email. Is there any way to inform the Azure AD that to avoid sending these attributes as part of the JWT token.
Thanks.
Upvotes: 1
Views: 284
Answers (1)
Jean-Marc Prieur
Reputation: 1649
Azure AD v2.0 does not include them by default. See https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims
Upvotes: 4
Related Questions
- Azure AD Custom Claims in JWT
- Issue with jwt-bearer on-behalf-of grant in Azure AD
- Access Token JWT validation
- Specifying Client secrets in JwtBearerOptions for Azure Active Directory authentication
- Login to my API using an Azure AD JWT (id_token)
- Azure AD JWT Token Validation options
- Securing API with client credentials via Azure AD
- Azure Active Directory JWT aud value
- JWT Token based Authentication in Azure AD
- What JWT claims from Azure AD tokens can be safely used for user mappings?