...
Name | Source Attribute |
urn:mace:dir:attribute-def:eduPersonPrincipalName | user.userprincipalname* |
urn:mace:dir:attribute-def:uid | user.userprincipalname |
urn:mace:terena.org:attribute-def:schacHomeOrganization | A manipulation of: user.userprincipalname* |
urn:mace:dir:attribute-def:cn | user.displayname |
urn:mace:dir:attribute-def:displayName | user.displayname |
urn:mace:dir:attribute-def:givenName | user.givenname |
urn:mace:dir:attribute-def:sn | user.surname |
urn:mace:dir:attribute-def:mail | user.mail |
urn:mace:dir:attribute-def:preferredLanguage | user.preferredlanguage |
urn:mace:dir:attribute-def:eduPersonAffiliation | user.extensionattribute1 or fixed value ‘employee’ ** |
urn:mace:dir:attribute-def:eduPersonScopedAffiliation | A manipulation in the form: employee@[schacHomeOrganization]* |
| Informatie |
|---|
*) if your EntraID tenant contains multiple domains, always the correct domain belonging to the specific user must be sent in this attribute |
| Informatie |
|---|
**) your organization might use a different attribute for a ‘role’. It is possible to fixate this attribute to the literal text ‘employee’, see attributes |
Add an attribute with a 1:1 mapping
For each of the claims in the table above, you need to go through the following steps.
Attributes that are exact copies of EntraID claims can easily be created based on the instruction in the next paragraph.
Attribute mappings that require manipulation are explained in the next section.subsequent sections.
Add an attribute with a 1:1 mapping
In the box ‘Attributes & Claims’, click ‘Edit’.
...