asp.net-coreclaims-based-identityopenid-connectazure-ad-b2c

How do I get an OID claim in ASPCore from Azure B2C


Why do I want this?

I'm trying to get a unique identifier from my user which I can connect to database records. There are reasons I don't want to use the Email as the identifier. I read that SUB claim isn't supported with B2C, and to use OID in it's place.

Steps I've Taken

So, I've set up that both of my policies return Object ID on Azure B2C:

enter image description here

I'm using individual SignIn and SignUp policies at the moment, and I get all of the claims back, including the email claim which I specified I wanted to be returned. I cannot however find a claim related to OID or SUB.

User.Claims 

Nets me the following results:

enter image description here

The single breadcrumb of hope that I have found is this claim:

Type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier

Value: Not supported currently. Use oid claim.

Questions

Have I missed some additional step that you need to perform to retrieve this particular claim?

Has anyone had any success retrieving an OID or SUB from Azure B2C?


Solution

  • I was retrieving the OID token, it's claim type was:

    http://schemas.microsoft.com/identity/claims/objectidentifier

    As can be clearly seen in my provided screenshots.