How can i add an additional attribute to my saml assertion

gurinder 0 Reputation points
2024-05-22T16:43:38.8466667+00:00

I federated an application in my azure tenant and would like to send additional user profile attributes in the saml token (for example, the country attribute - which is a native attribute).
I've added it in the claims config of the application (see below)

User's image

but the saml assertion still only sends the default claims attributes and user.country does not show up.

User's image

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,081 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Navya 5,325 Reputation points Microsoft Vendor
    2024-05-24T09:45:52.8333333+00:00

    Hi @gurinder

    Thank you for posting this in Microsoft Q&A.

    I understand that you want to add an additional attribute to your SAML assertion in Azure AD.

    By default, the Microsoft identity platform issues a SAML token to an application that contains a claim with a value of the user's username (also known as the user principal name), which can uniquely identify the user. The SAML token also contains other claims that include the user's email address, first name, and last name.

    Based on your information I confirmed you have added user.Country claim in your once this is done, your enterprise application will receive claims which you configure.

    Can you please check that country attribute containing value or not in user profile. This is expected behavior if country value is not contained in user profile.

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Navya.

    If the answer is helpful, please click "Accept Answer" and kindly "upvote" it.

    0 comments No comments