- To stop Microsoft Identity from overriding claim names, call `JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();` just before `app.UseAuthentication()` in the API startup.
- Use the "sub" claim directly instead of `ClaimTypes.NameIdentifier`, e.g. `var id = this.User.FindFirstValue("sub");`
For further reference, see the detailed discussion:
https://github.com/IdentityServer/IdentityServer4/issues/2968#issuecomment-510996164
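
The effect of clearing the map can be seen outside ASP.NET Core with a small console program. This is an added example, not part of the original answer: it validates one locally signed token twice with `JwtSecurityTokenHandler`, once with the default inbound map (where `sub` is renamed to `ClaimTypes.NameIdentifier`) and once after `Clear()`. The key, issuer, audience and subject value are constructed for the demo.

```csharp
// Added example, not from the original answer. Needs the
// System.IdentityModel.Tokens.Jwt NuGet package. Key, issuer, audience and
// subject are constructed demo values.
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

static class ClaimMapDemo
{
    // Validate the token with a fresh handler and report where the subject ended up.
    static string Describe(string jwt, TokenValidationParameters parameters)
    {
        // Each handler instance copies the static DefaultInboundClaimTypeMap when constructed.
        var handler = new JwtSecurityTokenHandler();
        ClaimsPrincipal user = handler.ValidateToken(jwt, parameters, out _);
        string sub = user.FindFirst("sub")?.Value ?? "(missing)";
        string nameId = user.FindFirst(ClaimTypes.NameIdentifier)?.Value ?? "(missing)";
        return $"sub={sub}; ClaimTypes.NameIdentifier={nameId}";
    }

    static void Main()
    {
        var key = new SymmetricSecurityKey(
            Encoding.UTF8.GetBytes("constructed-demo-key-0123456789abcdef"));
        var token = new JwtSecurityToken(
            issuer: "https://issuer.example",
            audience: "demo-api",
            claims: new[] { new Claim("sub", "user-123") },
            expires: DateTime.UtcNow.AddMinutes(5),
            signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256));
        string jwt = new JwtSecurityTokenHandler().WriteToken(token);

        var parameters = new TokenValidationParameters
        {
            ValidIssuer = "https://issuer.example",
            ValidAudience = "demo-api",
            IssuerSigningKey = key
        };

        Console.WriteLine("default map: " + Describe(jwt, parameters));
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
        Console.WriteLine("cleared map: " + Describe(jwt, parameters));
    }
}
```

Authorization code that looks up the user by `"sub"` silently gets `null` under the default map, so the lookup key and the map setting have to be changed together.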