question

adminER-8728 avatar image
0 Votes"
adminER-8728 asked RakeshJagatap-4451 commented

SAML Unique Identifier Value

Is there a way to change the value of the SSO Unique User Identifier for a specific application?

It is using the user.userprincipalname and I need to use the email address. I don't seem to have any options and clicking the ... does nothing.

azure-ad-saml-sso
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi, if the posted answer resolves your question, please mark it as the answer by clicking the check mark. Doing so helps others find answers to their questions.

0 Votes 0 ·

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered

Yes, you can change the Unique User Identifier to from user.userprincipalname to user.mail. Make sure you have met the prerequisites by signing in with an account that is either a Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the service principal.

Under Single Sign-On > SAML > User attributes and claims > Edit, you have to select "user.mail" from the dropdown and hit "save."

128026-image.png

I was able to test from my side and get it to work so it seems like it could be either a permissions error or browser latency issue. You can also try logging in from a different browser and see if that resolves it.

https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-cusomization

https://www.concurtraining.com/customers/tech_pubs/Docs/_Current/SG_Shr/Shr_SG_SSO_Mgmt.pdf



image.png (195.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.