SAML 2.0 - Single Sign on - Custom App - User Attributes

Question

When setting up a third party application for SSO. The user attributes "Value's" always start with "user."&nbsp; (e.g. user.userprincipalname, user.mail, user.surname, etc.)&nbsp;
&nbsp;
Can I edit out the initial "user." or is this necessary for Azure (e.g. userprincipalname, mail, surname)
&nbsp;
Thanks for any help

ruudgijsbers · Answer

Hi Andres,
&nbsp;
As far as I know, this is the way Azure AD works. It points out that it's going to use the userprincipname attribute from the user. Or the mail attribute from the user. You could for example also add group attributes to SAML. Then it would be group.mail, or group.name.
&nbsp;
So the user. is to point out that you're using a user attribute and the userprincipalname, mail or surname part is to point to the actual attribute.
&nbsp;
Best regards,
Ruud Gijsbers

andres martin garcia · Answer

Thank you Ruud! This is exactly what I needed

Forum Discussion

SAML 2.0 - Single Sign on - Custom App - User Attributes

2 Replies

Resources