Apr 30 2020 - last edited on Jan 14 2022
I know it's possible to send security group names in SAML response using the group claim in Azure AD.
But is it possible to filter groups based on some criteria? Suppose there's a requirement to send only those groups in SAML response that contain "Office365", can that be accomplished using RegEx, AAD PowerShell or Graph API?
Thanks in advance.
May 16 2020 04:21 PM
Sep 02 2020 05:56 AM
I came here looking for an answer to the same question, and I'm not following your suggestion. I don't see any way to filter the group membership. The documentation provides three "advanced" options:
I don't see anything about filtering... can you elaborate?
Jun 02 2021 08:23 AM
Jun 02 2021 11:22 AM
In the Azure AD Application "Users and Groups" you can require a group named O365_Users.
Then in the Group Claims, you can select the option to only send the groups that are associated with the application.
So the filtering is basically done by adding the groups to the application, then only those groups would be sent. Make sense?
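The approach in the reply above, scripted with the Microsoft Graph PowerShell module (an added example, not part of the original thread): it assigns every security group whose name matches a pattern to the enterprise application, then sets the application's group claim to emit only assigned groups. `$AppName` and `$Pattern` are placeholder values, and the script only reports what it would do unless `-Apply` is given.

```powershell
# Added example; requires the Microsoft.Graph PowerShell module.
# $AppName and $Pattern are placeholders, not values from the thread.
param(
    [string]$AppName = 'Contoso SAML App',   # hypothetical enterprise app name
    [string]$Pattern = '*Office365*',        # groups whose name contains "Office365"
    [switch]$Apply                           # without -Apply, only report
)

Connect-MgGraph -Scopes 'Application.ReadWrite.All','AppRoleAssignment.ReadWrite.All','Group.Read.All'

$sp = Get-MgServicePrincipal -Filter "displayName eq '$AppName'"
if (@($sp).Count -ne 1) { throw "Expected exactly one service principal named '$AppName'." }

# Use an enabled app role that users/groups may hold; fall back to the
# default access role (all-zero GUID) when the app defines none.
$role = $sp.AppRoles |
    Where-Object { $_.IsEnabled -and $_.AllowedMemberTypes -contains 'User' } |
    Select-Object -First 1
$roleId = if ($role) { $role.Id } else { [Guid]::Empty.ToString() }

# Groups already assigned to the app, so reruns are idempotent.
$assigned = @(Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All |
    Where-Object PrincipalType -eq 'Group' | ForEach-Object PrincipalId)

# Name matching is done client-side so "contains" behaves as a plain wildcard.
$groups = Get-MgGroup -Filter 'securityEnabled eq true' -All |
    Where-Object { $_.DisplayName -like $Pattern -and $_.Id -notin $assigned }

foreach ($g in $groups) {
    if (-not $Apply) { Write-Output "Would assign: $($g.DisplayName) ($($g.Id))"; continue }
    try {
        New-MgGroupAppRoleAssignment -GroupId $g.Id -PrincipalId $g.Id `
            -ResourceId $sp.Id -AppRoleId $roleId -ErrorAction Stop | Out-Null
        Write-Output "Assigned: $($g.DisplayName)"
    } catch {
        Write-Warning "Failed for $($g.DisplayName): $($_.Exception.Message)"
    }
}

if ($Apply) {
    # Manifest equivalent of the portal option "Groups assigned to the application".
    $app = Get-MgApplication -Filter "appId eq '$($sp.AppId)'"
    if ($app) { Update-MgApplication -ApplicationId $app.Id -GroupMembershipClaims 'ApplicationGroup' }
    else { Write-Warning 'No application object in this tenant; set the group claim in the portal.' }
}
```

Review the dry-run output before rerunning with `-Apply`, since every assigned group also grants its members access to the application.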
Jun 15 2021 01:34 PM
Since you gave the option "Groups Assigned to the Application", I have one more question for you, if you can please help.
After I select "Groups Assigned to the Application", I want to assign about 4500 groups to the app. I have thousands of users using the app; however, no user's group membership will go past 100. My question is:
How can we bulk assign groups to my app? The portal does not give the option.
Jun 15 2021 11:20 PM