SAML attributes used by the helpdesk

Question:

What are the AD attributes you are using in the user profile when authenticating users via SAML at Azure AD or local ADFS?

Answer:

We look at:

"User.email", "email", or "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress") for email

"first_name", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "User.FirstName", "givenName" for first name

"last_name", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "User.LastName", "sn" for last name

"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/department" or "department" for department

"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/homephone" or "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/telephonenumber" for the phone number

"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/companyname", "organization", "User.CompanyName" for the company name

"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/location" or "physicalDeliveryOfficeName" for the location

saml

Creation date: 9/22/2021 7:05 AM (Alex) Updated: 11/9/2021 2:01 PM (Alex)

Frequently asked questions and answers on our Helpdesk solution. Feel free to submit your quick questions; we will answer them and add the answers to this collection.