Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Salesforce - Internal users marked as External in MCAS

Copper Contributor

My users that do SSO with SAML to Salesforce from AAD are flagged as external in MCAS. That´s because username in Salesforce are missmatch. Is that possible to solve ni MCAS ?

AAD

UPN: username@domain.com 

AAD Email: firstname.lastname@domain.com

 

Salesforce

Username: firstname.lastname@hr.domain.com

Email: firstname.lastname@domain.com

FederationID: username@domain.com 

 

If I change username in Salesforce to email or upn it will be align, but my Salesforce admin are not so happy to do the changes. 

 

Thanks, Magnus

1 Reply
Hi Magnus,
You can add @hr.domain.com to the list of internal domains in MCAS for it to be marked as internal. See this for more info: https://docs.microsoft.com/en-us/cloud-app-security/general-setup#set-up-the-portal

You can also open a support ticket in MCAS and ask to match the hr domain to the main one.

Regards,
Dima