How can we improve Azure Active Directory?

Get user membership groups in the claims with AD B2C

As it's possible in the standard AD by changing the API application manifest option "groupMembershipClaims" to "SecurityGroup", is it possible to return user membership group in the claims with AD B2C?

Now, we can have only the default and custom attributes by adding a signin policy, but it's impossible to get user membership groups.

1,020 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Alexandre Blecich shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

We definitely recognize the popularity of this feature, and we discuss it constantly during the planning phases. However there are certain technical limitations in the system that add a large amount of development cost. Because of the cost and the fact that there is a workaround available, other features get prioritized over this one.

That being said, please keep voting for it. The popularity of the feature does help bring it up and makes us reconsider every time.

Apologies for the delay.

/Parakh


Old message:
We’re doing some research both on the specifics of this ask as well as what it would take to support this.
Is the ask here to do the same thing that regular Azure AD does (see: https://blogs.technet.microsoft.com/enterprisemobility/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles/) or is are there different requirements around this for Azure AD B2C?

66 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    We are trying to move from stormpath to azure and find that azure is lacking this capability. Spending days making a service user that can query the graph API for this is tedious.!

  • Greg Fyans commented  ·   ·  Flag as inappropriate

    Is there an update to Alexander's suggestion? It would seem to me this is a popular use case for applications using B2C, as B2C is essentially a replacement for more common membership providers that have such functionality.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Hi Alexandre - This is a good suggestion. Thank You. We will add this to our backlog. For now, you could query using Graph - not the desired method but it would work.
    Devindra (Program Manager Azure AD B2C - Microsoft)

  • Alexander Viken commented  ·   ·  Flag as inappropriate

    This would be very useful for instance when you create a B2C directory and could split users into ie. "subscribers" or "non-subscribers" groups. and create [Authorize(Roles = "subscribers")] attributes for your viewControllers without a lot of custom code.

1 2 4 Next →

Feedback and Knowledge Base