Hi all,

Does anyone have some simple explanation videos or guides or presentations for me on custom claims in AAD? I don’t understand the schema to be used in the configurations. In my mind it should be something like:

  • Name of the claim to be sent
  • Value of the claim to be sent
    • Can be sourced from AAD object (user/company/device) (if null, it’s a static value)
    • If sourced: attribute map in AAD to be used
    • If not sourced: static value to be sent

I am trying to add some additional claim entries for users accessing an application.

For example the code below:

New-AzureADPolicy -Definition @('{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true", "ClaimsSchema": [{"Source":"user","ID":",mail","JwtClaimType":"mail"}]}}') -DisplayName "ExtraClaimsExample" -Type "ClaimsMappingPolicy"


But that doesn’t inject the mail address unfortunately, at least I don't see it in my claims app.

Secondly I want to inject a static value for every user without consulting a source directory. For example: ICAOCODE=USA. Where ICAOCODE is the attribute, and USA the fixed string value. But when I state "source": null, "value"; USA, 'JwtClaimType": "extension<appID>ICAOCODE -- the command does not accept it.

So I even tried it using the optionalClaims in the app manifest and while source:null is accepted here, the additionalproperties value is not sent in the claim at all. But also here, mail is empty and the ICAOCode is not sent either. <<app Manifest>>


  "optionalClaims": {
    "idToken": [
        "additionalProperties": [
        "additionalProperties": [
But even that shows nothing in my app itself ☹

Any hints?
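
The schema asked about above, as an added example that is not part of the original post and not Microsoft's own sample: a claims mapping policy with one directory-sourced claim (`Source` plus `ID`) and one static claim (`Value` only), built from a PowerShell object so the JSON cannot pick up hand-typed stray characters. The service principal object ID is a placeholder, the claim name `ICAOCODE` is taken from the post, and the `ID` character check is a conservative assumption rather than a documented rule.

```powershell
# Added example. Placeholder: object ID of the application's service principal.
$servicePrincipalObjectId = '<service-principal-object-id>'

$claimsSchema = @(
    # Directory-sourced claim: Source names the object, ID the attribute to read.
    @{ Source = 'user'; ID = 'mail'; JwtClaimType = 'mail' }
    # Static claim: a fixed Value, with no Source and no ID.
    @{ Value = 'USA'; JwtClaimType = 'ICAOCODE' }
)

# Sanity-check each entry before it is sent to the directory.
foreach ($entry in $claimsSchema) {
    $sourced = $entry.ContainsKey('Source') -and $entry.ContainsKey('ID')
    $static  = $entry.ContainsKey('Value')
    if ($sourced -eq $static) {
        throw "Entry '$($entry.JwtClaimType)' needs either Source+ID or Value, not both or neither."
    }
    # Assumption: attribute IDs contain only letters, digits and underscores.
    if ($sourced -and $entry.ID -notmatch '^[A-Za-z0-9_]+$') {
        throw "Entry '$($entry.JwtClaimType)' has an unexpected character in ID '$($entry.ID)'."
    }
}

$definition = @{
    ClaimsMappingPolicy = @{
        Version              = 1
        IncludeBasicClaimSet = 'true'
        ClaimsSchema         = $claimsSchema
    }
} | ConvertTo-Json -Depth 5 -Compress

$policy = New-AzureADPolicy -Definition @($definition) `
    -DisplayName 'ExtraClaimsExample' -Type 'ClaimsMappingPolicy'

# Creating the policy does nothing until it is assigned to the service principal.
Add-AzureADServicePrincipalPolicy -Id $servicePrincipalObjectId -RefObjectId $policy.Id

# Confirm the assignment.
Get-AzureADServicePrincipalPolicy -Id $servicePrincipalObjectId
```

Azure AD also requires the application either to use a custom signing key or to have `acceptMappedClaims` set to `true` in its manifest before it issues tokens with mapped claims.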