-
Notifications
You must be signed in to change notification settings - Fork 337
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MSI CAE Claims handling - claims merging issue #4447
Comments
Also, the proposed changes would likely introduce a regression in the other CAE flows (user auth) |
reviewed the issue and modified the expected. it's more of an issue on merging. newtonsoft merge works but we may need to write our own merge logic for system.text.json |
With SLC CAE, the claims we get back from ESTS is,
And the merged claims and capab should be like this,
In MSAL .NET, we build claims and capab with
access_token
andxms_cc
, but with the new incoming claim, we fail to do a proper merge, instead just return the incoming claim without the capab.All MSAL's need to check if this is being properly handled.
The text was updated successfully, but these errors were encountered: