Share via

Unexpected attribute and claim in Single Sign-On with SAML

John Smith 21 Reputation points
2022-05-10T04:03:24.523+00:00

Hi

I have a Microsoft 365 E3 subscription.

I have successfully added a new application (uniFLOW Online) in Enterprise application (Azure Active Directory).

I have also configured the required attributes and claims in SAML to match with what was configured in my uniFLOW Online tenant.

When I performed a Single Sign-On at my uniFLOW Online tenant, all the identities are claimed correctly except for username.

Instead of displaying John Smith, it was showing my email address.

Can you advise how should I configure the username attribute and claim in the new application (uniFLOW Online) so that the username displayed will be John Smith. Thanks.

I attach screenshot of the settings in Attribute and claim for your persual.

The claim name I configured for username is http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

200485-90a80d39-ce68-4bba-9ed3-7e1128e94389.png

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments
Accepted answer
  1. Shweta Mathur 30,296 Reputation points Microsoft Employee Moderator
    2022-05-10T08:11:45.103+00:00

    Hi JohnSmith-9296,

    Thanks for reaching out.

    I understand you are looking to configure username in the attribute to match with uniFLOW Online application but getting email address instead of full name.

    As per the screenshot attached, the claim http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name you are using to set username is mapped with user.userprincipalname which has email address value as shown below.

    200499-image.png

    To get the full name in the attribute, you need to edit the attribute mapping by clicking on Edit icon and change the attribute mapping to user.displayname. The display name maps the name as mentioned in user's profile and User Principal Name maps the unique email address of that user.

    200591-image.png

    Hope this will help.

    Thanks,
    Shweta

    -----------------------------------------------

    Please remember to "Accept Answer" if answer helped you.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. afu 6 Reputation points
    2022-09-11T01:59:00.497+00:00

    By default, the printing system uses the computer's login name as the authentication user name.
    JohnSmith=print login=user1
    John Smith =user2

    In the user identities attribute of uniflow online, there is a user name, where the user name is equal to the computer's login name
    If no user name is set in identities, it will use the name displayname in general as the user name to display on the Canon MFP screen
    Answer you via google translate (non-native English speakers)239746-image.png

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.