Azure AD claim transformation to find and replace in SAML request after sso authorization

Venkata 146 Reputation points
2023-02-24T21:43:45.96+00:00

Hello,I need to find and replace domain in email received to a new value.

Example - If users email id is venkata@xyz.com , then return value as venakata@abc.com.

i tried steps below but not able get results. Any inputs is highly appreciated.

https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-customization#regex-based-claims-transformation

Thank you in advance.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,397 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Sandeep G-MSFT 14,241 Reputation points Microsoft Employee
    2023-02-28T10:28:44.4566667+00:00

    @Venkata

    Thank you for reaching out to us on Q&A platform.

    I have performed the same steps in my lab tenant, and I am able to get the expected results.

    In my lab I took an example of user account with email "User1@xxxxxxxxxx.onmicrosoft.com"

    I transformed this claim and got the output claim as user1@fabrikam.com

    Below is the screenshot with my output result,

    User's image

    In above screen shot you can see that in Regex pattern I have mentioned the value as "(?'domain'^.*?)(?i)(@xxxxxxxxxx.onmicrosoft.com)$", where "xxxxxxxxxx.onmicrosoft.com" is my input domain name.

    In my output domain I wanted to get the value as User1@fabrikam.com.

    I configured Replacement pattern value as "{domain}@fabrikam.com".

    Now as seen in above screenshot I am getting the Test transformation result as "User1@fabrikam.com".

    It is working as expected. You can configure the claim values as I did and change domain names as you are expecting them in the output value.

    Let me know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.