I followed the Stack Overflow link below (the answer provided by Allen Wu), "How to add a custom claim and retrieve the same as part of access_token, when the scope is not Graph API in Azure AD?", to add a custom claim to the access token. But I am getting an error when I try to assign the claimsMappingPolicy to a servicePrincipal.
I opened Microsoft Graph and executed a POST call like so:
https://graph.microsoft.com/v1.0/servicePrincipals/8b6e2827-b3fa-467b-940d-324c301ca606/claimsMappingPolicies/$ref
with the request body
{
  "@odata.id": "https://graph.microsoft.com/v1.0/policies/claimsMappingPolicies/fce7f260-9598-426d-b8c2-7e589b25415b"
}
but I am getting a 409 response code with the following response preview:
{
  "error": {
    "code": "Request_MultipleObjectsWithSameKeyValue",
    "message": "Request contains property changes that would result in property-uniqueness violation(s). Please retry your request with corrected values.",
    "innerError": {
      "date": "2020-10-18T06:32:23",
      "request-id": "ae69cb4f-716d-4d56-a123-572c76ace2e0",
      "client-request-id": "29b0130e-8b7a-d09d-1188-2856c99dad8e"
    }
  }
}
It means the servicePrincipal has been assigned a claimsMappingPolicy.
If you assign another claimsMappingPolicy to it, you will get the 409 Conflict error.
You need to List assigned claimsMappingPolicy first and then Remove claimsMappingPolicy.
Now you can assign claimsMappingPolicy to the servicePrincipal.
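The list, remove, assign sequence from the answer above, as an added example that is not part of the original post. The `send` transport and the `FakeGraph` stand-in are hypothetical helpers; the fake models the 409 the way the answer describes it, and `OLD_POLICY_ID` is a constructed placeholder. The removed policy ids are returned so the change to token claims can be logged.

```python
GRAPH = "https://graph.microsoft.com/v1.0"
SP_ID = "8b6e2827-b3fa-467b-940d-324c301ca606"          # servicePrincipal from the question
POLICY_ID = "fce7f260-9598-426d-b8c2-7e589b25415b"      # policy from the question
OLD_POLICY_ID = "00000000-0000-0000-0000-000000000001"  # constructed placeholder

def reassign_policy(send, sp_id, policy_id):
    """Make policy_id the claimsMappingPolicy assigned to sp_id.

    send(method, url, body) -> (status, json) is a caller-supplied transport
    (hypothetical; wrap an authenticated HTTP client in it).
    Returns the ids of the policies that were removed, for the audit trail.
    """
    base = f"{GRAPH}/servicePrincipals/{sp_id}/claimsMappingPolicies"
    status, body = send("GET", base, None)                # 1. list assigned policies
    if status != 200:
        raise RuntimeError(f"list failed: HTTP {status}")
    assigned = [p["id"] for p in body.get("value", [])]
    removed = []
    for old in assigned:                                  # 2. remove the other policies
        if old == policy_id:
            continue                                      # wanted policy already there
        status, _ = send("DELETE", f"{base}/{old}/$ref", None)
        if status != 204:
            raise RuntimeError(f"remove {old} failed: HTTP {status}")
        removed.append(old)
    if policy_id not in assigned:                         # 3. assign; no 409 now
        ref = {"@odata.id": f"{GRAPH}/policies/claimsMappingPolicies/{policy_id}"}
        status, _ = send("POST", f"{base}/$ref", ref)
        if status != 204:
            raise RuntimeError(f"assign failed: HTTP {status}")
    return removed

class FakeGraph:
    """Constructed in-memory stand-in: POST returns 409 while a policy is assigned."""
    def __init__(self, assigned):
        self.assigned, self.calls = list(assigned), []

    def send(self, method, url, body):
        self.calls.append(method)
        if method == "GET":
            return 200, {"value": [{"id": i} for i in self.assigned]}
        if method == "DELETE":
            self.assigned.remove(url.split("/")[-2])      # .../{policy-id}/$ref
            return 204, None
        if self.assigned:
            return 409, {"error": {"code": "Request_MultipleObjectsWithSameKeyValue"}}
        self.assigned.append(body["@odata.id"].rsplit("/", 1)[-1])
        return 204, None

if __name__ == "__main__":
    print(reassign_policy(FakeGraph([OLD_POLICY_ID]).send, SP_ID, POLICY_ID))
```

Because the function skips the POST when the wanted policy is already assigned, re-running it does not trigger the 409 again.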