Forum Discussion

DeanH's avatar
DeanH
Brass Contributor
Mar 04, 2024

App Registration query - OIDC connection

Question,

 

I am trying to establish if there is a way using an app registration/ enterprise app so that a user can authenticate to a different ID (so authentication would use something other than their UPN for that specific app)

 

I know it's best practice to use the UPN when authenticating from the IdP (Entra ID) to the SP and not use the email address as an example and the majority of apps I have configured already set UPN to match the attribute with the SP.

 

Any ideas?

 

I was looking at custom SAML tokens but got a bit lost and since this is an OIDC app (OpenID Connect and OAuth) I don't know if it applies.