question

Edeejay-1705 avatar image
0 Votes"
Edeejay-1705 asked sikumars-msft commented

ADFS to Azure

Hi everyone

I have a question...
Is “upn” claim with ADFS the same as “name” claim with Azure (the values are the same on my app) ¿?

adfs-to-aad-migration
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @Edeejay-1705,

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,

0 Votes 0 ·
sikumars-msft avatar image
0 Votes"
sikumars-msft answered

Hello @Edeejay-1705,

Thanks for reaching out.

Yes, name claim( http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name ) mapped with user.userprincipalname source attribute as additional claims for enterprise application. This is default claims which can be verified from User attributes & claims setting as shown below and this can be modified as required by adding new claim and deleting default one.

129952-image.png

129953-image.png

129878-image.png

Hope this helps.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.



image.png (74.3 KiB)
image.png (58.1 KiB)
image.png (63.1 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Edeejay-1705 avatar image
0 Votes"
Edeejay-1705 answered sikumars-msft commented

@sikumars-msft Thanks for your reply.

I want to make this change only for an app, Is this posible? It´s like you are explain?

Thanksss

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.


Cloud you please help me understanding in detail? are you expecting to get upn claim directly instead through name claim for particular app that you integrated with AAD in Enterprise Application? if so then create new claim as shown below:

129970-image.png


0 Votes 0 ·
image.png (95.2 KiB)
Edeejay-1705 avatar image
0 Votes"
Edeejay-1705 answered sikumars-msft edited

@sikumars-msft
Yes It´s only for one app in particular that we want to login via oAuth2.
Now, This app is logging throw ADFS using UPN.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Above steps mentioned previous were for SAML authentication, in case of Oauth authentication (JWT based Access_token) then UPN (UserPrincipalName) claim is automatically included see below jwt token for your reference, you can manage these claims from Token Configuration blade from azure AD, to learn more refer how to configure optional claim to your application. Hope this helps

JWT Access_token:

130222-image.png

Add optional claim:
130262-image.png


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


0 Votes 0 ·
image.png (84.9 KiB)
Edeejay-1705 avatar image
0 Votes"
Edeejay-1705 answered sikumars-msft commented

@sikumars-msft

I´m configuring that from "app registration..."
I´ll send your comments to my partners...

UPN claim, on Oauth Authentication, is automatically included.
I don´t have to configure anything on this registered app.

Sorry ...

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Certainly, and let me know how that goes also please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

0 Votes 0 ·

@Edeejay-1705,

I just wanted to check in and see if you had any other questions or if you were able to resolve this issue? If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.


Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

0 Votes 0 ·