Need to create Claim in Azure SSO

ShashankSaxena-2458 131 Reputation points
2021-09-02T13:50:02.637+00:00

Hello Team,

We are in the process of migrating applications from an ADFS server to Azure Enterprise applications. During the migration we are also migrating the claims, but I am not able to understand how to migrate the below claim from ADFS to Azure:

c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types = ("updateTimeStamp"), query = ";whenChanged;{0}", param = c.Value);

Can anyone suggest the method?

Regards,
Shashank Saxena

Microsoft Security | Active Directory Federation Services
Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. AmanpreetSingh-MSFT 56,871 Reputation points Moderator
    2021-09-23T09:37:46.187+00:00

    Hi @Anonymous • Thank you for reaching out.

    As of now, Azure AD doesn't provide the capability to write custom claim rules. So, you can't migrate exact claim rules from ADFS. The closest to the above claim rule you can create is to add the below claim to your enterprise application > SAML-based sign-on > User attributes and claims:

    [Image: 134619-image.png]

    Note: To use the above claim, make sure that you have a sync rule in AD Connect to sync windowsaccountname (from on-premises AD) as onPremisesSamAccountName to Azure AD, which is synced by default.

    You may post feedback for adding this capability at Azure Feedback Platforms, which is monitored by the product team for product enhancements.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
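
An added example, not part of the original thread: a small parser that splits the rule from the question into its condition, attribute store, output claim type and queried AD attribute, so attribute-store rules in a migration inventory can be checked against the attributes a tenant can actually use as claim sources. The helper names `parse_store_rule` and `unmapped` are hypothetical, the `filter;attributes;domain\user` query layout for the Active Directory store is an assumption, and the set of available attributes is supplied by the caller (the one shown is constructed).

```python
import re

# The issuance rule from the question, reproduced verbatim as sample input.
RULE = '''c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types = ("updateTimeStamp"), query = ";whenChanged;{0}", param = c.Value);'''

def parse_store_rule(rule):
    """Split an attribute-store issuance rule into its parts (hypothetical helper).

    Returns None when the rule does not query an attribute store."""
    m = re.search(r'=>\s*(issue|add)\s*\(\s*store\s*=\s*"([^"]+)"(.*)\)\s*;', rule, re.S)
    if not m:
        return None
    action, store, rest = m.groups()
    types_m = re.search(r'types\s*=\s*\(([^)]*)\)', rest)
    query_m = re.search(r'query\s*=\s*"([^"]*)"', rest)
    if not types_m or not query_m:
        return None
    types = re.findall(r'"([^"]+)"', types_m.group(1))
    # Condition part before "=>": Type == "...", Issuer == "..."
    condition = dict(re.findall(r'(\w+)\s*==\s*"([^"]*)"', rule.split("=>", 1)[0]))
    parsed = {"action": action, "store": store, "condition": condition,
              "types": types, "query": query_m.group(1), "filter": None, "mapping": {}}
    # Assumed layout for the Active Directory store: filter;attributes;domain\user
    parts = parsed["query"].split(";")
    if store == "Active Directory" and len(parts) == 3:
        attrs = [a.strip() for a in parts[1].split(",") if a.strip()]
        parsed["filter"] = parts[0]
        # Output claim types pair with the queried attributes in order.
        parsed["mapping"] = dict(zip(types, attrs))
    return parsed

def unmapped(parsed, available):
    """Output claims whose AD attribute is not in the caller-supplied set."""
    have = {a.lower() for a in available}
    return [t for t, attr in parsed["mapping"].items() if attr.lower() not in have]

if __name__ == "__main__":
    p = parse_store_rule(RULE)
    print(p["condition"]["Type"], "->", p["mapping"])
    # Constructed sample: attributes this tenant can use as claim sources.
    print("needs review:", unmapped(p, {"sAMAccountName", "mail"}))
```

Rules that come back from `unmapped` are the ones that need a decision during migration, since their source attribute has no counterpart in the supplied list.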

