User Roles in a Azure AD SSO Scenario

[satishkbg]

I have IdServerv2 setup as a Federation Gateway with Azure AD. The flow is working perfectly between Partner app -> AAD -> MyIdSvrV2 <-> MyApp

I can get the logged in username, but how do I manage Roles?
I tried to look into the incoming Claims, but it contains everything except roles and nor the User.IsInRole() method helping.

How do we achieve user role mapping in this scenario?
I want to be able to impose MyApps role based security on the user authenticated by external identity provider as well.

Thanks.