Duplicate ADFS claims in Azure

Skip Hofmann 341 Reputation points
2021-10-04T17:00:57.117+00:00

Hello
First time working with SAML. Can you please help me understand how to duplicate the below claims from ADFS in Azure?
137485-image.png

Microsoft Entra ID

4 answers

  1. Skip Hofmann 341 Reputation points
    2021-10-04T21:22:12.527+00:00

    Okay, thank you


  2. James Hamil 21,546 Reputation points Microsoft Employee
    2021-10-04T21:43:56.323+00:00

    Hi @Skip Hofmann, I saw that you posted a very similar question here last week: https://learn.microsoft.com/en-us/answers/questions/563987/how-to-duplicate-claim-in-azure-enterprise-apps.html

    Did this answer not solve your question? Or was there something else you needed? Please let me know and I can help you further.

    Best,
    James


  3. Skip Hofmann 341 Reputation points
    2021-10-04T22:56:31.733+00:00

    Looking for guidance on how to configure the claim rule in Azure. The provided answer didn't mention how to create the same claim rule in Azure.


  4. Siva-kumar-selvaraj 15,546 Reputation points
    2021-11-02T13:46:21.01+00:00

    Hello @Skip Hofmann,

    I did a repro in my lab and here are my findings.

    The following attributes (user.mail, user.displayname, user.givenname & user.surname) of users get synchronized when you have an Azure AD hybrid setup in place (here is the list of attributes that are synchronized to Azure AD), so configuring additional claims would be straightforward, except for the custom attribute "UMassISISD", which needs additional configuration as explained below.

    Steps to create claims to send the following attributes (user.mail, user.displayname, user.givenname & user.surname)
    --
    Click on Add new claim from SAML-based Sign-on, select the appropriate "Source attribute", and type in the "Namespace" as shown below:

    145775-image.png

    Steps to create claims to send a custom attribute like "UMassISISD" as NameID
    ---
    Firstly, you need to perform directory extensions as explained here to extend the schema in Azure Active Directory (Azure AD) with your own attributes (like "UMassISISD") from on-premises Active Directory.

    Once that has completed, you must see your own custom attribute in extension format, like extension_1234xxxxxxxxxx789_UMassISISD, in the source attribute drop-down, as shown below, when you configure the NameID format. To know more about the NameID format and supported attributes, refer to this guidance. Hope this helps.

    145852-image.png

    ------
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

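One way to confirm that the claims configured in answer 4 match what AD FS issued is to diff the SAML assertion from a test sign-in against the expected NameID and attributes. This is an added example, not code from the thread or from Microsoft; the claim namespace, the test-user values and the helper names are assumptions, since the original claim rules were only shown in a screenshot.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
BASE = "http://schemas.example.edu/claims/"  # assumed claim namespace

# Assumed parity target for one test user: the claims the AD FS rule issued.
EXPECTED_NAMEID = "10012345"  # constructed UMassISISD value
EXPECTED = {
    BASE + "mail": "test.user@example.edu",
    BASE + "displayname": "Test User",
    BASE + "givenname": "Test",
    BASE + "surname": "User",
}

def build_assertion(name_id, claims):
    """Constructed stand-in for an assertion captured from a test sign-in."""
    attrs = "".join(
        f'<saml:Attribute Name="{n}"><saml:AttributeValue>{v}'
        f'</saml:AttributeValue></saml:Attribute>' for n, v in claims.items())
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:Subject>'
            f'<saml:NameID>{name_id}</saml:NameID></saml:Subject>'
            f'<saml:AttributeStatement>{attrs}</saml:AttributeStatement>'
            f'</saml:Assertion>')

def parse_assertion(xml_text):
    """Return (NameID, {claim name: [values]}). Signature is NOT validated:
    this is a parity check on your own test capture, not an SP-side verifier."""
    root = ET.fromstring(xml_text)
    name_id = root.findtext(".//saml:NameID", namespaces=NS)
    claims = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        values = [v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)]
        claims.setdefault(attr.get("Name"), []).extend(values)
    return name_id, claims

def compare(xml_text, expected_nameid=EXPECTED_NAMEID, expected=EXPECTED):
    """List every difference between the issued assertion and the target."""
    name_id, claims = parse_assertion(xml_text)
    problems = []
    if name_id != expected_nameid:
        problems.append(f"NameID: expected {expected_nameid!r}, got {name_id!r}")
    for name, want in expected.items():
        if claims.get(name) != [want]:
            problems.append(f"{name}: expected {[want]!r}, got {claims.get(name)!r}")
    problems += [f"unexpected claim: {n}" for n in sorted(set(claims) - set(expected))]
    return problems

# Constructed failure: NameID still carries the UPN and surname was never added.
BAD = build_assertion("test.user@example.edu",
                      {k: v for k, v in EXPECTED.items() if not k.endswith("surname")})
if __name__ == "__main__":
    print("\n".join(compare(BAD)) or "claims match")
```

A NameID mismatch like the one in the constructed sample is what to look for when the directory extension attribute has not been synchronized or selected as the NameID source.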