How to add session.amr to access token custom claim

I’d like to use the session.amr value as a custom claim, so the called application can know the level of auth/security used.

However, when I use session.amr in the claim “expression”, I keep getting a user_claim_evaluation_failure in the system log.

Can someone suggest the best way to add the auth level used to the JWT token? Thanks!

If using a custom authorization server you should be able to do this with an token inline hook,

1 Like