diff --git a/src/Plugin/OpenIDConnectClient/WindowsAad.php b/src/Plugin/OpenIDConnectClient/WindowsAad.php
index 6836a86f..93a170ad 100644
--- a/src/Plugin/OpenIDConnectClient/WindowsAad.php
+++ b/src/Plugin/OpenIDConnectClient/WindowsAad.php
@@ -136,6 +136,11 @@ public function buildConfigurationForm(array $form, FormStateInterface $form_sta
 '#default_value' => !empty($this->configuration['hide_email_address_warning']) ? $this->configuration['hide_email_address_warning'] : '',
 '#description' => $this->t('By default, when email address is not found, a message will appear on the screen. This option hides that message (as it might be confusing for end users).'),
 ];
+ $form['use_v2'] = [
+ '#title' => $this->t('Enable v2.0'),
+ '#type' => 'checkbox',
+ '#default_value' => !empty($this->configuration['use_v2']) ? $this->configuration['use_v2'] : 0,
+ ];
 return $form;
 }
@@ -211,7 +216,7 @@ public function retrieveTokens($authorization_code) {
 // Expected result.
 $tokens = [
 'id_token' => $response_data['id_token'],
- 'access_token' => $response_data['access_token'],
+ 'access_token' => ($this->configuration['use_v2'] == 1) ? $response_data['id_token'] : $response_data['access_token'],
 'refresh_token' => isset($response_data['refresh_token']) ? $response_data['refresh_token'] : FALSE,
 ];
 if (array_key_exists('expires_in', $response_data)) {
@@ -245,7 +250,7 @@ public function retrieveUserInfo($access_token) {
 // affect the data we collect and use in the Userinfo array.
 switch ($this->configuration['userinfo_graph_api_wa']) {
 case 1:
- $userinfo = $this->buildUserinfo($access_token, 'https://graph.windows.net/me?api-version=1.6', 'userPrincipalName', 'displayName');
+ $userinfo = $this->buildUserinfo($access_token, 'https://graph.windows.net/me?api-version=1.6', 'userPrincipalName', 'name');
 break;
 case 2:
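Review bot: The new `use_v2` key is read without a guard in the other hunks (`$this->configuration['use_v2']` in retrieveTokens and twice in buildUserinfo), so a site whose saved configuration predates this option will raise an undefined-index notice on every login unless `defaultConfiguration()` — not part of this diff — also declares `'use_v2' => 0`. The checkbox also carries no `#description`, so the administrator cannot tell what it switches on; something like `'#description' => $this->t('When enabled, user profile data is read from the ID token instead of being requested from the Graph API.'),` would document the behaviour this diff introduces. The `== 1` comparisons in the other hunks would be more robust and consistent with the `#default_value` expression here as `!empty($this->configuration['use_v2'])`. buildConfigurationForm starts before this hunk.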
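Review bot: With `use_v2` on, the id_token is stored under the `access_token` key, so anything that later reads the stored access token — the Graph requests in retrieveUserInfo if the Graph-API option is combined with v2, or other code consuming the token — will present an identity assertion where a bearer token for a resource is expected. The id_token is already returned as `$tokens['id_token']`, so the overload appears to exist only to get it into buildUserinfo through the `$access_token` parameter; at a minimum that should be stated, e.g. `// v2: the id_token is passed as the access token so buildUserinfo() can read the profile claims from it without a Graph request.`. If the real access token is still needed for resource calls, keeping `'access_token' => $response_data['access_token']` and handing the id_token to buildUserinfo some other way (for example a property set here) would remove the ambiguity. `== 1` on a configuration saved before this option existed also triggers an undefined-index notice; `!empty($this->configuration['use_v2'])` matches how the form reads it.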
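Review bot: Replacing `'displayName'` with `'name'` applies to the v1 Graph path too, where the response is keyed by `displayName` (as the original call assumed), so with `use_v2` off `$profile_data['name'] = $profile_data[$name]` now reads a key the graph.windows.net response is unlikely to contain and the account name ends up empty with a notice. Select the key by mode instead: `$name_key = !empty($this->configuration['use_v2']) ? 'name' : 'displayName';` and pass `$name_key` as the last argument. In v2 mode the URL argument is never requested, since buildUserinfo decodes the token instead, which is worth a comment on the call.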
@@ -301,15 +306,20 @@ private function buildUserinfo($access_token, $url, $upn, $name) {
 $client = $this->httpClient;
 try {
- $response = $client->get($url, $options);
- $response_data = (string) $response->getBody();
-
- // Profile Information.
- $profile_data = json_decode($response_data, TRUE);
+ // use_v2
+ if ($this->configuration['use_v2'] == 1 && $access_token) {
+ $profile_data = $this->decodeIdToken($access_token);
+ }
+ else {
+ $response = $client->get($url, $options);
+ $response_data = (string) $response->getBody();
+ // Profile Information.
+ $profile_data = json_decode($response_data, TRUE);
+ }
 $profile_data['name'] = $profile_data[$name];
- // Azure provides 'mail' for userinfo vs email.
- if (!isset($profile_data['mail'])) {
+ // Azure provides 'mail' for userinfo vs email only for v1.
+ if (!$this->configuration['use_v2'] && !isset($profile_data['email'])) {
 // See if we have the Graph otherMails property and use it if available,
 // if not, add the principal name as email instead, so Drupal still will
 // create the user anyway.
@@ -348,6 +358,10 @@ private function buildUserinfo($access_token, $url, $upn, $name) {
 $profile_data['email'] = $profile_data[$upn];
 }
 }
+ // use_v2
+ elseif ($this->configuration['use_v2'] && isset($profile_data['emails'])) {
+ $profile_data['email'] = reset($profile_data['emails']);
+ }
 else {
 // OpenID Connect module expects the 'email' token for userinfo.
 $profile_data['email'] = $profile_data['mail'];
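Review bot: The v1 condition now tests `!isset($profile_data['email'])` while the comment above it still says Azure returns `mail`; for a Graph response that carries `mail`, the test stays true, so the otherMails/UPN fallback runs and the `else` that copies `mail` into `email` is no longer reached — keep `!isset($profile_data['mail'])` for the v1 case. Separately, the v2 path builds the account from `decodeIdToken($access_token)`; if that helper only base64-decodes the payload, as the base client's implementation does to my knowledge, the claims are accepted without signature, issuer, audience or expiry checks, which is acceptable only because the token was just received from the token endpoint in retrieveTokens. If that is the case, say so at the call: `// The id_token came straight from the token endpoint; decodeIdToken() does not verify its signature.`. The `&& $access_token` truthiness test also silently drops into the Graph request with an empty token rather than failing; an explicit check with an error would be clearer. buildUserinfo continues outside this hunk.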
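Review bot: The v2 branch handles only the `emails` claim; when it is absent the request falls through to the `else`, which reads `$profile_data['mail']`, a key a decoded id_token would not normally carry, so `email` becomes null with a notice and the "email not found" path is taken, and `reset()` on an empty `emails` array yields `false` rather than an address. Guard the branch on `use_v2` alone and choose the value inside it, e.g. `elseif (!empty($this->configuration['use_v2'])) {` followed by `$profile_data['email'] = !empty($profile_data['emails']) ? reset($profile_data['emails']) : (isset($profile_data['email']) ? $profile_data['email'] : NULL);`, so the v1 and v2 cases stay mutually exclusive and the standard `email` claim is used when present. The enclosing `if` starts in the previous hunk and its middle is not part of this diff.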