Azure AD claim transformation to find and replace in SAML request after sso authorization

Venkata 151 Reputation points
2023-02-24T21:43:45.96+00:00

Hello, I need to find and replace the domain in the email received with a new value.

Example - If the user's email ID is venkata@xyz.com, then return the value as venkata@abc.com.

I tried the steps below but was not able to get results. Any input is highly appreciated.

https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-customization#regex-based-claims-transformation

Thank you in advance.

Microsoft Entra ID

1 answer

  1. Sandeep G-MSFT 16,696 Reputation points Microsoft Employee
    2023-02-28T10:28:44.4566667+00:00

    @Venkata

    Thank you for reaching out to us on the Q&A platform.

    I have performed the same steps in my lab tenant, and I am able to get the expected results.

    In my lab I took the example of a user account with the email "User1@xxxxxxxxxx.onmicrosoft.com".

    I transformed this claim and got the output claim as user1@fabrikam.com.

    Below is the screenshot with my output result:

    User's image

    In the above screenshot you can see that in Regex pattern I have mentioned the value as "(?'domain'^.*?)(?i)(@xxxxxxxxxx.onmicrosoft.com)$", where "xxxxxxxxxx.onmicrosoft.com" is my input domain name.

    In my output domain I wanted to get the value as User1@fabrikam.com.

    I configured the Replacement pattern value as "{domain}@fabrikam.com".

    Now, as seen in the above screenshot, I am getting the Test transformation result as "User1@fabrikam.com".

    It is working as expected. You can configure the claim values as I did and change domain names as you are expecting them in the output value.

    Let me know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
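
To check a pattern locally before entering it in the claim configuration, the following PowerShell sketch applies the answer's regex form to the question's domains (xyz.com to abc.com) and compares it with a variant whose domain dots are escaped. It is an added example, not part of the original answer or Microsoft's code. It assumes the Entra regex engine behaves like .NET regex; `Convert-ClaimValue` is a hypothetical helper, the test addresses are constructed, and returning `$null` on no match is a local convention, not a statement of how Entra treats unmatched claims.

```powershell
# Hypothetical helper: emulate "Regex pattern" + "Replacement pattern" locally.
function Convert-ClaimValue {
    param(
        [string]$Value,        # incoming claim value, e.g. user.mail
        [string]$Pattern,      # regex with named groups, as typed in the portal
        [string]$Replacement   # Entra-style template, e.g. '{domain}@abc.com'
    )
    $m = [regex]::Match($Value, $Pattern)
    if (-not $m.Success) { return $null }   # local convention for "no match"

    # Replace each {groupname} token with that group's captured text.
    $out = $Replacement
    foreach ($name in ([regex]$Pattern).GetGroupNames()) {
        $out = $out.Replace('{' + $name + '}', $m.Groups[$name].Value)
    }
    return $out
}

# Pattern in the same form as the answer, with the question's source domain.
# The dot in "xyz.com" is unescaped, so it matches any single character.
$asWritten   = "(?'domain'^.*?)(?i)(@xyz.com)`$"

# Same pattern with the domain passed through [regex]::Escape, so the dot
# only matches a literal ".".
$dotsEscaped = "(?'domain'^.*?)(?i)(@" + [regex]::Escape('xyz.com') + ")`$"

$replacement = '{domain}@abc.com'

# Constructed test inputs: exact match, different case, a look-alike
# domain that differs only where the dot should be, and an unrelated domain.
$samples = 'venkata@xyz.com', 'Venkata@XYZ.COM', 'venkata@xyzzcom', 'venkata@other.com'

$samples | ForEach-Object {
    [pscustomobject]@{
        Input       = $_
        AsWritten   = Convert-ClaimValue $_ $asWritten   $replacement
        DotsEscaped = Convert-ClaimValue $_ $dotsEscaped $replacement
    }
} | Format-Table -AutoSize
```

Rows where the two result columns differ are inputs that only the unescaped pattern accepts, which is the reason to escape the domain before using the pattern to rewrite an identity claim.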