MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International

How to control NameID format and to override which claim to use as NameID #51470

Closed jnxxx closed 4 years ago

jnxxx commented 4 years ago

Two questions:

  1. How do I control the NameID format? Many applications require a specific format, or require that it specifically be set to unspecified. A while ago I saw an example specifying it in a Format attribute on the SubjectNamingInfo tag, like: `<SubjectNamingInfo ClaimType="userid" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" ExcludeAsClaim="true"/>`. But currently it does not seem to affect the response.

  2. Can I, from the application manifest, override which claim is used as NameID and the format? It is great that we can now specify application-specific values in the application manifest. But often the claims, and especially the NameID content and format, must be adapted to the app. Being able to specify this could lower the number of policies needed.

shashishailaj commented 4 years ago

@jnxxx Thank you for your query. We will investigate and update the thread further.

jnxxx commented 4 years ago

Actually, it seems the example in Q1 does have an effect. 'Unspecified' just causes it not to be specified in the response. That may be OK. If I change it, it can be seen in the response as expected.

Q2 is still interesting to see if it can be overridden from application manifest.

amanmcse commented 4 years ago

@jnxxx We cannot use the application manifest to perform claim transformation or to specify the format of the claim to be passed in the token in this case. It has to be done via policy files only.

Please let me know if you have any further question or shall we proceed with closure of this thread.
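For reference, here is what the policy-file approach looks like in practice: the RelyingParty section of an Azure AD B2C custom policy for a SAML application, with the output claim that feeds the NameID and the SubjectNamingInfo element that selects it and sets its format. This is an added example, not code from the thread or from the Azure documentation; the partner entity ID, the claim types and the PartnerClaimType name `userid` are assumed placeholders.

```xml
<!-- Added example (not from the thread or the Azure docs): the RelyingParty
     section of an Azure AD B2C custom policy for a SAML application. The
     partner entity ID, the claim types and the PartnerClaimType values are
     assumed placeholders. -->
<RelyingParty>
  <DefaultUserJourney ReferenceId="SignUpOrSignIn" />
  <TechnicalProfile Id="PolicyProfile">
    <DisplayName>PolicyProfile</DisplayName>
    <Protocol Name="SAML2" />
    <Metadata>
      <!-- Entity ID of the SAML service provider this policy serves (assumed). -->
      <Item Key="PartnerEntity">https://sp.example.com/metadata</Item>
    </Metadata>
    <OutputClaims>
      <OutputClaim ClaimTypeReferenceId="displayName" />
      <!-- PartnerClaimType is the name the claim carries in the assertion;
           SubjectNamingInfo below refers to the claim by that partner name. -->
      <OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="userid" />
    </OutputClaims>
    <!-- NameID is taken from the output claim whose PartnerClaimType is
         "userid" (here the email claim). Format becomes the Format attribute
         of <saml:NameID> in the assertion. ExcludeAsClaim="true" keeps
         "userid" out of the AttributeStatement so it is sent only as the
         subject. As observed earlier in the thread, setting Format to
         urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified results in no
         Format being written to the response. -->
    <SubjectNamingInfo ClaimType="userid"
                       Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
                       ExcludeAsClaim="true" />
  </TechnicalProfile>
</RelyingParty>
```

Because SubjectNamingInfo lives in the RelyingParty section, an application that needs a different NameID claim or format gets its own relying-party policy file (inheriting the same base and extension policies) rather than a manifest override; that is the per-policy behaviour described in the reply above. After uploading the policy, decode a SAML response from the tenant and confirm that `<saml:NameID>` carries the expected value and Format attribute, and that the excluded claim no longer appears as an attribute.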

jnxxx commented 4 years ago

@amanmcse, too bad, but thanks. Yes, let's close the thread.