Will we be able to add claims to Identities in Active directory? For Example:
Role Claims, instead of Group claims would be nice.
A resource claim like http://mywebsite.com/api/customers with a permission value like read,write. If Azure AD emitted a claim like this I could create a custom ClaimsAuthorizationManager to match resource, and action claims with the claims an Identity has and determine authorization.
I could create a customer in WAAD who is in a back end system with a customerId from that system. If AD could add that claim then I could use the CustomerId to filter authorization to data from my back end system based on that CustomerId
Even a simple Resource claim like http://mywebsite.com would allow me to demand that a user has the claim to get access to an entire application.
Any chance of this?
thanks
Thanks Noel