About this article
This article lists supported claims and claims rules and the following sections can be found:
- Claim rules (Attribute Names)
- ADFS Claim Setup with all Membership Groups as claims
- Example of Attribute Statements
|
Claim rules (Attribute Names)
Claim Name | Schema Namespace |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims | |
ExternalUserId | http://schemas.xmlsoap.org/ws/2005/05/identity/claims |
FirstName | http://schemas.xmlsoap.org/ws/2005/05/identity/claims |
LastName | http://schemas.xmlsoap.org/ws/2005/05/identity/claims |
DisplayName |
http://schemas.templafy.com/2016/06/identity/claims
|
StreetAddress
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims |
City | http://schemas.templafy.com/2016/06/identity/claims |
PostalCode | http://schemas.xmlsoap.org/ws/2005/05/identity/claims |
State | http://schemas.xmlsoap.org/ws/2005/05/identity/claims |
Country | http://schemas.xmlsoap.org/ws/2005/05/identity/claims |
JobTitle | http://schemas.templafy.com/2016/06/identity/claims |
Department | http://schemas.templafy.com/2016/06/identity/claims |
TelephoneNumber | http://schemas.templafy.com/2016/06/identity/claims |
MobilePhone | http://schemas.xmlsoap.org/ws/2005/05/identity/claims |
FacsimileNumber | http://schemas.templafy.com/2016/06/identity/claims |
PreferredLanguage | http://schemas.templafy.com/2016/06/identity/claims |
customclaim1 | http://schemas.templafy.com/2016/06/identity/claims |
customclaim2 | http://schemas.templafy.com/2016/06/identity/claims |
customclaim3 | http://schemas.templafy.com/2016/06/identity/claims |
Groups | http://schemas.microsoft.com/ws/2008/06/identity/claims |
CompanyName | http://schemas.templafy.com/2016/06/identity/claims |
ADFS Claim Setup with all Membership Groups as claims
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/postalcode", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/stateorprovince", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/country", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/mobilephone", "http://schemas.templafy.com/2016/06/identity/claims/department", "http://schemas.templafy.com/2016/06/identity/claims/city", "http://schemas.templafy.com/2016/06/identity/claims/jobtitle", "http://schemas.templafy.com/2016/06/identity/claims/facsimilenumber", "http://schemas.templafy.com/2016/06/identity/claims/phonenumber", "http://schemas.templafy.com/2016/06/identity/claims/displayname", "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"), query = ";mail,userPrincipalName,mail,givenName,sn,postalCode,st,co,mobile,department,l,title,facsimileTelephoneNumber,telephoneNumber,displayName,tokenGroups;{0}", param = c.Value);
This will send all ADFS-Supported claims to Templafy and can safely be copy/paste to a Custom Claim Rule.
OBS! You will not need any other claim rule when using the above.
You would have to add customClaim1-3 manually to the code exempt above.
Example of Attribute Statements
Microsoft Entra ID Custom Claim Setup
Since Templafy supports 3 custom claims that needs to be pushed as customclaim1, customclaim2 and customclaim3 that can be tighten to any custom attributes located in Microsoft Entra ID like the following example:
|
Related articles
Comments
0 comments
Article is closed for comments.