enable all User attributes (which can be queried in the MS Graph API) as custom access token claims
There are a select few of "optional attributes" to attach to an Azure AD Access Token. Ideally, any "user" attribute can be incorporated into an access token. In our case, we need mailNickname, but I see other attributes being requested such as employeeId. We should be able to name "User" as the source and select any property available as an AD attribute attached to the user.