Register a custom Service Authorization Manager that implements Check Access In this method, use System. Convert. Change Type to transform the incoming claim set to a Windows Claim Set type.
Apply a Principal Permission attribute on the operation with the required claims listed in the Roles property.
Within the operation, verify the presence of the required claims in the current Authorization Context
Register an Authorization Policy that maps external claims to an internal Claim Set.