...
Name | Source Attribute |
urn:mace:dir:attribute-def:eduPersonPrincipalName | user.userprincipalname* |
urn:mace:dir:attribute-def:uid | user.userprincipalname |
urn:mace:terena.org:attribute-def:schacHomeOrganization | A manipulation of: user.userprincipalname* (see further) |
urn:mace:dir:attribute-def:cn | user.displayname |
urn:mace:dir:attribute-def:displayName | user.displayname |
urn:mace:dir:attribute-def:givenName | user.givenname |
urn:mace:dir:attribute-def:sn | user.surname |
urn:mace:dir:attribute-def:mail | user.mail |
urn:mace:dir:attribute-def:preferredLanguage | user.preferredlanguage |
urn:mace:dir:attribute-def:eduPersonAffiliation | fixed text value ‘employee’ (without ' ', Microsoft will automatically add “ “) |
urn:mace:dir:attribute-def:eduPersonScopedAffiliation | A manipulation in the form: employee@[schacHomeOrganization]* (see further) |
| Informatie |
|---|
*) if your EntraID tenant contains multiple domains, always the correct domain belonging to the specific user must be sent in this attribute |
...
Enter the claim name (first column in the table above) in the ‘Name’ field and select the Source attribute that you found in the second column in the table above:
...
For urn:mace:dir:attribute-def:eduPersonAffiliation it is sufficient to simply type ‘employee’ in the source attribute field without the quotes, Microsoft will automatically put the word in double quotes.
Repeat the steps for every attribute mentioned in the table above.
...