[ADFS 4.0] Server Application / Client_Credentials and Roles in access token

  • Question

  • Hello,

    I'm trying to set up a Server Application for my web API so that a service can access the web API without user interaction.

    I managed to obtain the access token by using the client_credentials grant type.

    The API uses authorization based on roles. How can I add claims (roles) to the returned access token? Within the configuration I can only set claims on the web API.

    I obtain the token using PowerShell:

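    # Form fields for the OAuth2 client_credentials grant
    $postParams = @{grant_type='client_credentials';client_id='<id>';client_secret='<secret>'}
    
    # POST the form to the ADFS token endpoint (the body variable must match $postParams above)
    $token = Invoke-WebRequest -Uri https://adfs/adfs/oauth2/token -Method POST -Body $postParams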

    Or am I misunderstanding where the claims/roles come from?

    Thank you!



    • Edited by thepill1 Tuesday, November 21, 2017 3:03 PM
    Tuesday, November 21, 2017 3:01 PM
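
To check which claims an access token obtained this way actually carries, its payload can be decoded locally. The following is an added example, not part of the original post: `ConvertFrom-JwtPayload` and `ConvertTo-Base64Url` are hypothetical helper names, and the sample token with its `appid` and `role` values is constructed for illustration. It assumes the token is a compact JWT and does not verify the signature, which remains the web API's job.

```powershell
# Added example: decode the payload segment of a compact JWT to list its claims.
# ConvertFrom-JwtPayload is a hypothetical helper, not an ADFS or built-in cmdlet.
function ConvertFrom-JwtPayload {
    param([Parameter(Mandatory)][string]$Token)

    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) {
        throw 'Not a compact JWT (expected header.payload.signature).'
    }

    # JWT segments are base64url without padding:
    # restore the standard alphabet and the stripped '=' padding.
    $b64 = $parts[1].Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) {
        1 { throw 'Invalid base64url length in payload.' }
        2 { $b64 += '==' }
        3 { $b64 += '=' }
    }

    $bytes = [System.Convert]::FromBase64String($b64)
    [System.Text.Encoding]::UTF8.GetString($bytes) | ConvertFrom-Json
}

# Helper used only to build the constructed sample token below.
function ConvertTo-Base64Url([string]$Text) {
    $raw = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($Text))
    $raw.TrimEnd('=').Replace('+', '-').Replace('/', '_')
}

# Constructed sample (not issued by any real server); the signature is a dummy.
$header  = ConvertTo-Base64Url '{"alg":"none"}'
$payload = ConvertTo-Base64Url '{"aud":"https://api.example/","appid":"<id>","role":["Reader","Writer"]}'
$sample  = "$header.$payload.sig"

# List every claim in the payload; array-valued claims are joined for display.
$claims = ConvertFrom-JwtPayload -Token $sample
$claims.PSObject.Properties | ForEach-Object {
    '{0} = {1}' -f $_.Name, ($_.Value -join ', ')
}

# With the response from the post above, the token would be read as:
#   $accessToken = ($token.Content | ConvertFrom-Json).access_token
#   ConvertFrom-JwtPayload -Token $accessToken
```

If no role claim appears in the decoded payload, the role-based authorization in the API has nothing to evaluate, regardless of how the API itself is configured.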