Microsoft Graph Powershell - Azure AD SAML Application Attributes and Claims not updated in Portal

Question

0

I'm trying to automate the bulk configuration of SAML enterprise applications in AzureAD via the Microsoft Graph API in PowerShell

I'm able to create the app and assign users/groups to it using PowerShell.

But the changes made to Attributes and Claims using PowerShell aren't reflected in the portal. I created a claims mapping policy using the command (New-MgPolicyClaimMappingPolicy) and try assigning it to an app (ServicePrincipal) using the command New-MgServicePrincipalClaimMappingPolicyByRef, it is updated when I use Get-MgServicePrincipalClaimMappingPolicy.

But in the portal it shows the old default values. It says "The configuration was overwritten by a claim mapping policy created via Graph/PowerShell"

The claims updated via powershell aren't reflected here in portal, it shows the default values in portal.

saml attributes default

After setting the attributes to include only user.givenname using powershell and MS Graph, the default values shown in the portal.

I wanted to programmatically update the Attributes/Claims for multiple (hundreds of) SAML apps and changes to reflect in the Azure portal.

Is there a solution to achieve this?

Thanks in advance.

Answer

Hi @Harishankar H,

To Configure and automate SAML-based single sign-on for your application using the Microsoft Graph API:

User's image

For more information: https://learn.microsoft.com/en-us/graph/application-saml-sso-configure-api?tabs=http%2Cpowershell-script

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Microsoft Graph Powershell - Azure AD SAML Application Attributes and Claims not updated in Portal

1 answer