Hi @yama, you can use the `name` claim type. The `name` claim type is used to represent the display name of the group. Here's an example of how to extract the group name from a SAML claim using regex in C#:
```csharp
using System.Text.RegularExpressions;

// Example SAML claim
string samlClaim = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups: {group-object-id}";

// Extract the group object ID from the SAML claim (braces escaped so they match literally)
string groupObjectId = Regex.Match(samlClaim, @"\{(.+?)\}").Groups[1].Value;

// Get the group name from Azure AD using the group object ID
// (await the request, then read DisplayName from the returned group object)
var group = await graphClient.Groups[groupObjectId].Request().Select("displayName").GetAsync();
string groupName = group.DisplayName;
```
The `samlClaim` variable contains the SAML claim that includes the group object ID. The `Regex.Match` method is used to extract the group object ID from the SAML claim using a regular expression. The `graphClient` variable is an instance of the Microsoft Graph client, which is used to retrieve the group name from Azure AD using the group object ID. The `Select` method is used to specify that only the `displayName` property should be returned. The `GetAsync` method is used to retrieve the group object from Azure AD, and the `DisplayName` property is used to get the group name.
Please let me know if you have any questions and I can help you further.
If this answer helps you, please mark "Accept Answer" so other users can reference it.
Thank you,
James
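
The following is an added example, not part of James's answer or of any Microsoft sample: it reads every groups claim from a `ClaimsPrincipal`, keeps only values that parse as GUIDs, de-duplicates them, and only then resolves display names, so a malformed claim value never ends up in the directory request. The `GroupClaims` class, the `lookupDisplayName` delegate and the sample claim values are assumptions made for illustration; the delegate stands in for the Graph call shown in the answer.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;

public static class GroupClaims
{
    // Claim type from the answer above.
    public const string GroupsClaimType =
        "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups";

    // Distinct, well-formed group object IDs carried by the principal.
    // Non-GUID values are dropped so they never reach a directory lookup.
    // Guid.TryParse accepts both the bare and the {braced} form.
    public static List<Guid> GetGroupObjectIds(ClaimsPrincipal principal)
    {
        var ids = new HashSet<Guid>();
        foreach (Claim claim in principal.FindAll(GroupsClaimType))
        {
            if (Guid.TryParse(claim.Value, out Guid id) && id != Guid.Empty)
                ids.Add(id);
        }
        return ids.ToList();
    }

    // lookupDisplayName is a hypothetical delegate standing in for the Graph call.
    public static async Task<Dictionary<Guid, string>> ResolveNamesAsync(
        ClaimsPrincipal principal, Func<Guid, Task<string>> lookupDisplayName)
    {
        var names = new Dictionary<Guid, string>();
        foreach (Guid id in GetGroupObjectIds(principal))
            names[id] = await lookupDisplayName(id);
        return names;
    }

    public static async Task Main()
    {
        // Constructed sample claims (valid ID, braced duplicate, malformed value);
        // the lookup is an offline stub in place of Microsoft Graph.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim(GroupsClaimType, "11111111-2222-3333-4444-555555555555"),
            new Claim(GroupsClaimType, "{11111111-2222-3333-4444-555555555555}"),
            new Claim(GroupsClaimType, "not-a-guid/../users"),
        }, "Federation");
        var names = await ResolveNamesAsync(new ClaimsPrincipal(identity),
            id => Task.FromResult("Constructed Group"));
        foreach (var pair in names)
            Console.WriteLine($"{pair.Key} -> {pair.Value}");
    }
}
```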