To make your API receive the custom claim (ahNumber), you need to add it to the access token in the API's app registration, not just to the SPA's ID token.

Quick steps:

1. Go to Azure Portal > Entra ID > App registrations > your API app

2. Open Token Configuration and click "+ Add Optional Claim"

3. Select Access token, choose Custom, and add:

   • Name: ahNumber

   • Source: Attribute

   • Value: user.employeeid

4. Save and accept the claim policy if prompted

5. In the API app's Manifest, set "acceptMappedClaims": true

Now the claim will appear in the API’s ClaimsPrincipal and can be accessed like this:
User.FindFirst("ahNumber")?.Value