1. Trying to implement role-based access control (RBAC) to replace existing scopes with role-based scopes in access tokens.
2. The application currently uses the scopes "openid", "offline_access", and "managementapi:allowall" for authorization.
3. However, I want to replace these scopes with role-based scopes in the access token. Specifically, the role associated with the user only has one scope, which is "managementapi:allowall".

Below is my code:

    context.IssuedClaims.RemoveAll(c => c.Type == "scope");
    foreach (var scope in roleMappedScopes)
    {
        if (allowedScopes.Contains(scope))
        {
            claims.Add(new Claim("scope", scope));
        }
    }
    context.IssuedClaims = claims;

But in the access token, only the application scopes are returned in the scope claim.