Access to identity provider information, i.e. UPN from Azure Active Directory

I’m trying to access the UPN value from our identity provider (Azure AD) to push it into the JWT. Using rules, I can add information into the user.app_metadata object, but the value I need to access and add there isn’t present in the normalized user object presented to the rules. Is there a way to get this value in the rules?

Hi there @athomas, I apologize for the delay in response. Below is an example from our docs that shows how you can leverage the UPN when working with SAML. Please let me know if this helps you in your quest. If by chance it doesn’t, I would be happy to dig into the challenge with you further. Thanks!

Example: Changing the SAML Token Lifetime and Using UPN as NameID

function (user, context, callback) {
  // change SAML token lifetime to 10 hours
  context.samlConfiguration.lifetimeInSeconds = 36000;

  // if available, use upn as NameID
  if (user.upn) {
    context.samlConfiguration.mappings = {
      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "upn"
    };
  }

  callback(null, user, context);
}
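
Added example (not part of the original reply or the docs it quotes): a rule in the same style that copies the UPN into a namespaced claim on the issued tokens, but only for Azure AD connections and only when the value has a plausible UPN shape, so an attribute named `upn` from another connection type is never promoted into the JWT. It assumes `user.upn` is populated as in the rule above; `CLAIM_NAMESPACE`, `isPlausibleUpn`, `addUpnClaim` and `runRule` are hypothetical names, and the sample users are constructed.

```javascript
// Placeholder namespace (assumption): use a URL you control for custom claims.
const CLAIM_NAMESPACE = "https://example.com/claims/";
// "waad" is the connection strategy Auth0 reports for Azure AD connections.
const TRUSTED_STRATEGIES = ["waad"];

// Accept only strings shaped like local@domain, with no whitespace and one "@".
function isPlausibleUpn(value) {
  return typeof value === "string" &&
    value.length <= 1024 &&
    /^[^@\s]+@[^@\s]+$/.test(value);
}

// Rule body, named here so it can be run offline; in the dashboard it would be
// pasted as an anonymous function (user, context, callback).
function addUpnClaim(user, context, callback) {
  const trusted = TRUSTED_STRATEGIES.includes(context.connectionStrategy);

  if (trusted && isPlausibleUpn(user.upn)) {
    // UPNs compare case-insensitively, so emit one canonical form.
    const upn = user.upn.toLowerCase();
    // The rules runtime supplies these objects; the fallback is for offline runs.
    context.idToken = context.idToken || {};
    context.accessToken = context.accessToken || {};
    context.idToken[CLAIM_NAMESPACE + "upn"] = upn;
    context.accessToken[CLAIM_NAMESPACE + "upn"] = upn;
  }

  // Never fail the login because the claim is missing; just omit it.
  callback(null, user, context);
}

// Offline harness: runs the rule on a constructed user/context pair and
// returns the resulting context.
function runRule(user, context) {
  let result;
  addUpnClaim(user, context, (err, u, c) => { result = c; });
  return result;
}
```

Consumers of the token should treat a missing claim as "no UPN asserted" rather than falling back to another attribute such as email.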
