Azure Graph API Claims Transformation Join()

Avinash Banjan 1 Reputation point
2022-11-15T14:58:42.633+00:00

Hi,

I'm trying to create custom SAML claims mapping using ExtractMailPrefix() and Join() with seperator (-), but it doesn't seem to work, Can someone pls help or can point me to some examples which are using Join() transformation (graph api)

trying to extract userpricipalname prefix and join with the role

userprincipalname: username@test .com
role: cloudadmin

e.g: expected output: username-cloudadmin

"{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"false\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userprincipalname\"},{\"Source\":\"user\",\"ID\":\"assignedroles\",\"SamlClaimType\": \"roles\"},{\"Source\":\"user\",\"ID\":\"displayname\",\"SamlClaimType\": \"name\"},{\"Source\":\"user\",\"ID\":\"mail\",\"SamlClaimType\": \"email\"},{\"Source\":\"transformation\",\"ID\":\"ExtractPrefix\",\"TransformationId\":\"ExtractThePrefix\",\"SamlClaimType\":\"username_prefix\"},{\"Source\":\"transformation\",\"ID\":\"JoinPrefix\",\"TransformationId\":\"JoinThePrefix\",\"SamlClaimType\":\"joined_prefix\"}],\"ClaimsTransformations\":[{\"ID\":\"ExtractThePrefix\",\"TransformationMethod\":\"ExtractMailPrefix\",\"InputClaims\":[{\"ClaimTypeReferenceId\":\"userprincipalname\",\"TransformationClaimType\":\"mail\"}],\"OutputClaims\":[{\"ClaimTypeReferenceId\":\"ExtractPrefix\",\"TransformationClaimType\":\"outputClaim\"}]},{\"ID\":\"JoinThePrefix\",\"TransformationMethod\":\"Join\",\"InputClaims\":[{\"ClaimTypeReferenceId\":\"userprincipalname\",\"TransformationClaimType\":\"mail\"},{\"ClaimTypeReferenceId\":\"assignedroles\",\"TransformationClaimType\":\"mail\"}],\"InputParameters\": [{\"ID\":\"separator\",\"Value\":\"-\"}],\"OutputClaims\":[{\"ClaimTypeReferenceId\":\"JoinPrefix\",\"TransformationClaimType\":\"outputClaim\"}]}]}}"

Help Appreciated !

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,691 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. James Hamil 14,196 Reputation points Microsoft Employee
    2022-11-15T21:42:03.023+00:00

    Hi @Avinash Banjan , have you seen this thread's answer? Please let me know if that works or points you in the right direction. Let me know if not and I can help you further.

    Best,
    James

    0 comments
  2. Swapnil Maldhure 6 Reputation points Microsoft Employee
    2022-12-01T16:18:10.177+00:00

    Hi @Avinash Banjan ,

    Following transformation should work for you.

    "{\"ClaimsMappingPolicy\":{\"Version\":1,\"IncludeBasicClaimSet\":\"false\",\"ClaimsSchema\":[{\"Source\":\"user\",\"ID\":\"userprincipalname\"},{\"Source\":\"user\",\"ID\":\"mail\"},{\"Source\":\"transformation\",\"ID\":\"DataJoin\",\"SamlClaimType\":\"new_username\",\"transformationId\":\"ExtractThePrefix\"}],\"ClaimsTransformations\":[{\"ID\":\"ExtractThePrefix\",\"TransformationMethod\":\"ExtractMailPrefix\",\"InputClaims\":[{\"ClaimTypeReferenceId\":\"userprincipalname\",\"TransformationClaimType\":\"mail\"}],\"OutputClaims\":[{\"TransformationClaimType\":\"outputClaim\",\"NextTransform\":\"JoinTheMail\"}]},{\"ID\":\"JoinTheMail\",\"TransformationMethod\":\"Join\",\"InputParameters\":[{\"ID\":\"string2\",\"Value\":\"787.test.com\"},{\"ID\":\"separator\",\"Value\":\"@\"}],\"OutputClaims\":[{\"ClaimTypeReferenceId\":\"DataJoin\",\"TransformationClaimType\":\"outputClaim\"}]}]}}"

    Thanks.

    0 comments