![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 49%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBK%3C/text%3E%3C/svg%3E)
25,160 questions
When creating a SAML Application using the Azure Graph API, the Name ID format may default to "persistent" if not explicitly specified. Azure Active Directory (Azure AD) honors the Name ID format that is requested in the NameIDPolicy element of the SAML request. If this element is not included in the request, Azure AD will use the format specified in the application configuration on Azure AD. If no format is specified, it defaults to the format associated with the claim source selected.
To resolve your issue, ensure that your application's SAML request either specifies the desired Name ID format (such as "emailAddress") or does not include the NameIDPolicy element, allowing Azure AD to use the format configured in the application settings.
In your specific case, since the application is sending the SAML request with the Name ID element as persistent, it overrides what is configured in the Azure AD service principal setting. If you want Azure AD to honor the Name ID format you've configured, modify your application to either specify the "emailAddress" format in the NameIDPolicy or not to send this element as part of the SAML request.
For more details, you can refer to the following Microsoft documentation: