AzureAD Auth not returning HasClaim value

I am trying to leverage the Azure AD for authentication and I can’t for the life of me return group membership.

I have my app registration correct and set my manifest to return group membership (I think).

"groupMembershipClaims": "All",

When I try to output my $User variable, it doesn’t have any properties associated with it. All I get back is the username of the person that signed in… It doesn’t recognize the $User.HasClaim("groups","") section.

Am I missing something? I do get the $AccessToken and $IdToken variables back, but I am not getting group membership or don’t see how to access it.

Any help anyone can give would be awesome.

Product: PowerShell Universal
Version: 2.0.3

Are you doing this in a dashboard? The only place that you’ll have claim information at the moment is within the roles.ps1.

We could certainly enhance this though to pass through the claims to the dashboard.

I was trying to find a way to verify that it was returning data correctly prior to enabling the roles to make sure I am configuring everything correctly.

What you can do is create a custom role in roles.ps1 and use HasClaim in there. Then inside your dashboard, you will have a $Roles array that will contain each role the user is a part of.

Thank you.
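The approach from the last answer, as an added example that is not part of the original thread and not PowerShell Universal's own code: a custom role in roles.ps1 whose policy tests the "groups" claim, plus a dashboard that reads $Roles to confirm the claim arrived before any real roles depend on it. The role name GroupClaimCheck and the all-zero group object ID are placeholders, and the claim type "groups" is the one used in the question.

```powershell
# ---- roles.ps1 -------------------------------------------------------------
# Assumption: with "groupMembershipClaims" set in the app manifest, Azure AD
# sends the user's groups as "groups" claims whose values are group object IDs
# (GUIDs), not display names. Replace the placeholder with your group's ID.
New-PSURole -Name 'GroupClaimCheck' -Description 'Diagnostic role: user has the expected groups claim' -Policy {
    param($User)

    # The policy must return a boolean. The ID is written inline because the
    # policy script block is evaluated on its own, outside this file's scope.
    # A missing claim yields $false, so the role is denied by default.
    [bool]$User.HasClaim('groups', '00000000-0000-0000-0000-000000000000')
}

# ---- dashboard script ------------------------------------------------------
# Claims are not available here (per the answer above); $Roles is. It holds
# the name of every role whose policy returned $true for the signed-in user.
New-UDDashboard -Title 'Group claim check' -Content {
    if ($Roles -contains 'GroupClaimCheck') {
        New-UDTypography -Text 'OK: the groups claim for the placeholder group was present.'
    }
    else {
        # Either the user is not in the group, the ID is wrong, or the token
        # carried no matching groups claim.
        New-UDTypography -Text 'Not matched: no groups claim with the expected object ID.'
    }

    # List everything that was granted, to spot roles assigned unexpectedly.
    New-UDTypography -Text ("Roles granted: " + (@($Roles) -join ', '))
}
```

Remove or rename the diagnostic role once the claim is confirmed, so that access decisions only rest on roles that map to real groups.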