Closed RubenT91 closed 2 months ago
Related to #2121
@RubenT91 - I've determined this is a configuration issue. You can limit the number of groups that Azure provides through filtering in the Enterprise Application registration or by group assignment in the Application Registration. I've updated the documentation here: https://docs.powershelluniversal.com/config/security/saml2#group-overages
Version
4.2.21
Severity
Low
Environment
msi
Steps to Reproduce
We set up PSU and tried the SAML2 authentication - unfortunately for some users (with many groups) the groups are not listed when looking into claim information. Instead of the groups directly there is only one claim type named http://schemas.microsoft.com/claims/groups.link with nothing but an URL to graph.windows.net More information in the ticket.
Expected behavior
Actual behavior
Additional Environment data
No response
Screenshots/Animations