Encrypting ID Token with Cryptographic Keys in the JwtIssuer Technical Profile of a Custom Policy

Learner-6009 0 Reputation points
2024-12-22T21:44:25.7066667+00:00

Hi,

We are using Azure AD B2C custom policies and would like to know if it is possible to encrypt the ID token.

The documentation seems to indicate that only the refresh token can be encrypted, with no explicit mention of encrypting the ID token.

If it's possible to encrypt Id token as well could you please direct me to the relevant documentation /sample for this?

Additionally, is it possible to exclude the refresh token from the JwtIssuer, as we do not require it?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,645 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.