Azure SAML customize group claim uses "group id" instead of object id

Alistair Young 31 Reputation points
2022-09-22T11:07:12.37+00:00

If I set up a group claim for SAML SSO in an enterprise app, the "Apply regex replace to groups claim content" is applied to a GUID that appears to have nothing to do with the group. The group object id is not the same as the id that comes out of Azure in this filter.

If I use the regex:

(?'fromAzure'.*)

and add content to the claim with:

{fromAzure}

i.e. pass through whatever Azure is using as the "content" of the group, I see a GUID that has nothing, apparently, to do with the group and is not the group object id.

Microsoft Entra ID

1 answer

  1. James Hamil 21,546 Reputation points Microsoft Employee
    2022-09-26T19:21:30.063+00:00

    Hi @Alistair Young, have you looked through this document? Can you also send a screenshot of your claim so I can reference it? Are you using the portal?

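Added example, not part of the question or the answer above and not Microsoft's code: a local check that applies the question's regex and replacement pattern to a value, then lists which group values in a captured SAML assertion do not match any known group object id. The assertion fragment, the GUIDs, the group name and the function names are constructed for illustration, and the regex handling is an approximation in Python, not Entra ID's own implementation.

```python
import re
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Claim URI under which Entra ID emits group claims in SAML tokens.
GROUPS_CLAIM = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"

# Constructed sample: trimmed assertion fragment with made-up GUIDs.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groups">
      <saml:AttributeValue>11111111-1111-1111-1111-111111111111</saml:AttributeValue>
      <saml:AttributeValue>99999999-9999-9999-9999-999999999999</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

# Constructed sample: object ids copied from the directory for the assigned groups.
KNOWN_GROUPS = {"11111111-1111-1111-1111-111111111111": "app-admins"}


def apply_regex_replace(value, dotnet_pattern, template):
    """Approximate the portal's regex / replacement pair on one value."""
    # .NET writes named groups as (?'name'...); Python needs (?P<name>...).
    pattern = re.sub(r"\(\?'(\w+)'", r"(?P<\1>", dotnet_pattern)
    match = re.fullmatch(pattern, value)
    if match is None:
        return value  # assumption: a non-matching value is left unchanged
    return re.sub(r"\{(\w+)\}", lambda m: match.group(m.group(1)) or "", template)


def group_claim_values(assertion_xml):
    """Return every value of the groups claim found in the assertion."""
    root = ET.fromstring(assertion_xml)  # use only on assertions from your own sign-in
    xpath = f".//saml:Attribute[@Name='{GROUPS_CLAIM}']/saml:AttributeValue"
    return [(el.text or "").strip() for el in root.findall(xpath, SAML_NS)]


def unmatched_groups(assertion_xml, known):
    """Return emitted group values that are not known group object ids."""
    return [v for v in group_claim_values(assertion_xml) if v.lower() not in known]


if __name__ == "__main__":
    print(apply_regex_replace("some-value", "(?'fromAzure'.*)", "{fromAzure}"))
    print(unmatched_groups(SAMPLE_ASSERTION, KNOWN_GROUPS))
```

Values reported by `unmatched_groups` are the ones to look up in the directory, since a pass-through pattern such as `(?'fromAzure'.*)` with `{fromAzure}` returns its input unchanged in this approximation.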