
Add Azure AD OAuth2 JWT token claims

Updated: 2023-02-15 08:23:54

As far as I know, Azure AD doesn't support issuing custom claims at present.

As a workaround, we can use the Azure AD Graph to add directory schema extensions. After that, we can use the Azure AD Graph to read the extension data and add the custom claim when the security token is validated, as in the code below:

using System.Threading.Tasks;
using Microsoft.Owin.Security.OpenIdConnect;

app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions
    {
        ClientId = clientId,
        Authority = authority,
        PostLogoutRedirectUri = postLogoutRedirectUri,
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            AuthenticationFailed = context =>
            {
                // Stop the middleware's default error handling and show our own error page instead.
                context.HandleResponse();
                context.Response.Redirect("/Error?message=" + context.Exception.Message);
                return Task.FromResult(0);
            },
            SecurityTokenValidated = context =>
            {
                // You can use the Azure AD Graph to read the custom data extension here and add it to the claims.
                context.AuthenticationTicket.Identity.AddClaim(new System.Security.Claims.Claim("AddByMe", "test"));
                return Task.FromResult(0);
            }
        }
    });
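A fuller version of the SecurityTokenValidated step, added here as an example and not part of the original answer. It reads the signed-in user's tenant and object identifiers from the validated token, passes them to a caller-supplied lookup delegate (which stands in for the Azure AD Graph directory-extension read; no Graph client call is shown), and adds the returned extension values as claims that are marked as issued by the application itself rather than by Azure AD. The helper name `ExtensionClaims.AddAsync`, the `claimPrefix` parameter and the `directory.ReadExtensionsAsync` wrapper in the wiring comment are assumptions, not Azure AD or Katana APIs.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;

// Example helper (hypothetical name); not from the original answer.
public static class ExtensionClaims
{
    // Well-known claim types Azure AD puts in the validated id_token.
    public const string ObjectIdClaim = "http://schemas.microsoft.com/identity/claims/objectidentifier";
    public const string TenantIdClaim = "http://schemas.microsoft.com/identity/claims/tenantid";

    // Adds directory-extension values as claims on the local identity.
    // lookupExtensions(tenantId, objectId) is an assumed delegate that performs the
    // Azure AD Graph read and returns extension name -> value pairs (or null).
    public static async Task AddAsync(
        ClaimsIdentity identity,
        Func<string, string, Task<IDictionary<string, string>>> lookupExtensions,
        string claimPrefix)
    {
        if (identity == null) throw new ArgumentNullException(nameof(identity));
        if (lookupExtensions == null) throw new ArgumentNullException(nameof(lookupExtensions));

        // Only look up users the identity provider actually identified in the token.
        string objectId = identity.FindFirst(ObjectIdClaim)?.Value;
        string tenantId = identity.FindFirst(TenantIdClaim)?.Value;
        if (string.IsNullOrEmpty(objectId) || string.IsNullOrEmpty(tenantId))
            return; // no directory identity to look up; add nothing

        IDictionary<string, string> extensions =
            await lookupExtensions(tenantId, objectId).ConfigureAwait(false);
        if (extensions == null) return;

        foreach (KeyValuePair<string, string> kv in extensions)
        {
            if (string.IsNullOrEmpty(kv.Key) || kv.Value == null) continue;
            string claimType = claimPrefix + kv.Key;

            // Never overwrite or shadow a claim type Azure AD already asserted.
            if (identity.HasClaim(c => c.Type == claimType)) continue;

            // ClaimsIdentity.DefaultIssuer ("LOCAL AUTHORITY") records that this
            // application, not the identity provider, is the source of the claim.
            identity.AddClaim(new Claim(claimType, kv.Value, ClaimValueTypes.String,
                                        ClaimsIdentity.DefaultIssuer));
        }
    }
}

// Wiring inside the OWIN OpenID Connect options from the answer above
// (directory.ReadExtensionsAsync is an assumed wrapper around the Graph call):
//
//     SecurityTokenValidated = context => ExtensionClaims.AddAsync(
//         context.AuthenticationTicket.Identity,
//         (tenantId, objectId) => directory.ReadExtensionsAsync(tenantId, objectId),
//         "extension_")
```

Two points worth keeping in mind with this workaround. The added claims live in the application's own authentication ticket (the cookie the middleware issues), not in the JWT that Azure AD signed, so they cannot be passed on to another API as if Azure AD had asserted them. Marking them with a distinct issuer, as above, lets authorization code tell identity-provider claims from locally added ones instead of treating every claim on the identity as equally trustworthy.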

In addition, if you have any ideas or feedback about Azure, you can submit them here.