Export the User Attributes & Claims for Azure servicePrinciple (SAML App)

r-dhilipan 66 Reputation points
2021-04-05T16:29:20.39+00:00

Hello, I have one SAML application with multiple claims rules that have AD groups. I am trying to export the details but didn't get any command for this.
Any help would be great.


Accepted answer
    AmanpreetSingh-MSFT 56,301 Reputation points
    2021-04-06T08:38:27.583+00:00

    Hello @r-dhilipan · Thank you for reaching out.

    Unfortunately, as of now it is not possible to export the configured list of User Attributes & Claims for a given Azure servicePrincipal. The possible methods that can be performed via PowerShell or Graph API are listed here: servicePrincipal resource type | Methods

    If you have configured User Attributes & Claims via a Claims Mapping Policy and applied that to a servicePrincipal, you can view it by using the cmdlet below:

    Get-AzureADPolicy -Id e92c7221-xxxx-xxxx-x-5xxx34ff4a0dbe0 | fl

    Id                    : e92c7221-xxxx-xxxx-xxxx-534ff4a0dbe0
    OdataType             :
    AlternativeIdentifier :
    Definition            : {{
                              "ClaimsMappingPolicy": {
                                "Version": 1,
                                "IncludeBasicClaimSet": "false",
                                "ClaimsSchema": [{
                                    "Source": "user",
                                    "ID": "employeeid",
                                    "SamlClaimType": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeid",
                                    "JwtClaimType": "employeeid"
                                  },
                                  {
                                    "Source": "user",
                                    "ID": "mail",
                                    "SamlClaimType": "http://schemas.microsoft.com/identity/claims/emailaddress",
                                    "JwtClaimType": "mail"
                                  },
                                  {
                                    "Source": "user",
                                    "ID": "onpremisessamaccountname",
                                    "SamlClaimType": "samaccountname",
                                    "JwtClaimType": "samAccountName"
                                  },
                                  {
                                    "Source": "user",
                                    "ID": "department",
                                    "SamlClaimType": "http://schemas.microsoft.com/identity/claims/department",
                                    "JwtClaimType": "department"
                                  }
                                ]
                              }
                            }}
    DisplayName           : SAMLClaimsPolicy
    IsOrganizationDefault : False
    KeyCredentials        : {}
    Type                  : ClaimsMappingPolicy

    Read more: https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-claims-mapping#example-create-and-assign-a-policy-that-uses-a-claims-transformation-in-tokens-issued-to-a-service-principal

    To request export functionality for User Attributes & Claims configured on a ServicePrincipal, feel free to post an idea at our Feedback Portal.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

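The accepted answer shows how to read one Claims Mapping Policy by Id. The script below is an added example (it is not part of the answer, the question, or Microsoft's documentation) that turns that into a reviewable export: it looks up the service principal, lists the policies assigned to it with Get-AzureADServicePrincipalPolicy, parses the JSON in the Definition property, and writes one row per claim to CSV. It assumes the AzureAD module the answer uses, that Connect-AzureAD has already been run with a role allowed to read policies, and that the app display name and output path are placeholders you replace. It covers only claims delivered through a Claims Mapping Policy, which matches the answer's point that claims configured purely in the portal blade are not exposed by these cmdlets.

```powershell
# Added example, not from the original post.
# Assumes: AzureAD module installed and Connect-AzureAD already run.
param(
    [string]$AppDisplayName = 'My SAML App',             # placeholder, replace with your app
    [string]$OutCsv         = '.\claims-policy-export.csv'  # placeholder output path
)

# Resolve the SAML app's service principal by display name.
$sp = Get-AzureADServicePrincipal -Filter "displayName eq '$AppDisplayName'"
if (-not $sp) { throw "Service principal '$AppDisplayName' not found." }

# Policies assigned to this service principal; keep only claims mapping policies.
$policies = Get-AzureADServicePrincipalPolicy -Id $sp.ObjectId |
    Where-Object { $_.Type -eq 'ClaimsMappingPolicy' }

$rows = foreach ($pol in $policies) {
    # Definition is a list of JSON strings, each wrapping a ClaimsMappingPolicy object
    # (the same shape shown in the Get-AzureADPolicy output above).
    foreach ($json in $pol.Definition) {
        $def = ($json | ConvertFrom-Json).ClaimsMappingPolicy
        foreach ($claim in $def.ClaimsSchema) {
            [pscustomobject]@{
                ServicePrincipal     = $sp.DisplayName
                PolicyId             = $pol.Id
                PolicyName           = $pol.DisplayName
                IncludeBasicClaimSet = $def.IncludeBasicClaimSet
                Source               = $claim.Source
                Id                   = $claim.ID
                SamlClaimType        = $claim.SamlClaimType
                JwtClaimType         = $claim.JwtClaimType
            }
        }
    }
}

if (-not $rows) {
    # Nothing assigned: claims set only in the portal's User Attributes & Claims
    # blade are not returned by these cmdlets, so an empty result is expected there.
    Write-Warning "No ClaimsMappingPolicy is assigned to '$AppDisplayName'."
}

$rows | Export-Csv -Path $OutCsv -NoTypeInformation
$rows | Format-Table -AutoSize
```

For a tenant-wide review, replace the service principal lookup with `Get-AzureADPolicy | Where-Object Type -eq 'ClaimsMappingPolicy'` and run the same parsing loop over every policy; that gives a snapshot of every custom claims definition in the directory, which is useful when auditing which apps receive attributes such as employee id or on-premises account names in their tokens.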
