actually after logging in and out
got the value for user.rolew(i.e the value that i typed)
user.assignedroles
Did not get any reponse for the role field whose value corresponded to user.assignedroles
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Firstly i'm not able to add http://schemas.microsoft.com/ws/2008/06/identity/claims/role as it says its a reserved claim
secondly my custom values (role/user.role) are not seen in saml assertion
actually after logging in and out
got the value for user.rolew(i.e the value that i typed)
user.assignedroles
Did not get any reponse for the role field whose value corresponded to user.assignedroles
Hello @Sai Prasanna sastry S S ,
Thanks for reaching out.
You need not to specify in "User Attributes & Claims" UI to emits http://schemas.microsoft.com/ws/2008/06/identity/claims/role
claim as Azure AD emits a role
claim by default out of box when you created App role and assign user or groups of users to roles as per these articles.
Here is test from my lab and I was able to get custom role claim as above Namespace.
In addition to that, if you try to add explicitly from "User Attributes & Claims" UI then you get below error as this claim set & namespace is SAML restricted (http://schemas.microsoft.com/ws/2008/06/identity/claims/role) hence this can't be defined and added neither from "User Attributes & Claims" UI nor Custom Policy.
Hope this helps.
------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.