...
Name | Source Attribute |
urn:mace:dir:attribute-def:eduPersonPrincipalName | user.userprincipalname* |
urn:mace:dir:attribute-def:uid | user.userprincipalname |
urn:mace:terena.org:attribute-def:schacHomeOrganization | A manipulation of: user.userprincipalname* |
urn:mace:dir:attribute-def:cn | user.displayname |
urn:mace:dir:attribute-def:displayName | user.displayname |
urn:mace:dir:attribute-def:givenName | user.givenname |
urn:mace:dir:attribute-def:sn | user.surname |
urn:mace:dir:attribute-def:mail | user.mail |
urn:mace:dir:attribute-def:preferredLanguage | user.preferredlanguage |
urn:mace:dir:attribute-def:eduPersonAffiliation | user.extensionattribute1 or fixed text value ‘employee’ **(without '') |
urn:mace:dir:attribute-def:eduPersonScopedAffiliation | A manipulation in the form: employee@[schacHomeOrganization]* |
| Informatie |
|---|
*) if your EntraID tenant contains multiple domains, always the correct domain belonging to the specific user must be sent in this attribute |
| Informatie |
|---|
**) your organization might use a different attribute for a ‘role’. It is possible to fixate this attribute to the literal text ‘employee’, see for more information: see the wiki page attributes |
For each of the claims in the table above, you need to go through the following steps.
...