Question

SSO Azure UPN

  • 29 September 2022
  • 3 replies
  • 40 views

Badge +1

does anyone know how to setup sso with azure using upn instead of eamail?

 


3 replies

Badge +1

Sorry I should have expanded on this a bit more.

I have tried all the usual things -- using upn for both fields, exposing upn in azure as an optional claim. 

using preferred_username in Azure - trying email in all sorts of configurations. The problem i was getting was when i set the directory id to our upn it was giving me a weird directory id as shown in the original post in this thread. now i am getting it to show my email address which is not even in ifs. so i am unclear on which way the mapping goes and to what fields. Thanks

I have asked this in a previous thread also. 

Problem with users that log in with SSO authentication in IFS Cloud. | IFS Community

Userlevel 7
Badge +21

Hi @Kendall,

Have a look at following KBA and the video which explains how to setup Azure AD:

Also the following documentation on attribute mapping for external IDP would be helpful:

https://docs.ifs.com/techdocs/22r1/030_administration/010_security/040_iam_settings/041_external_identity_providers/#attribute_mapping

Hope this helps!

Badge +1

Good Morning @Charith Epitawatta ,

this by far is the most help I’ve gotten so far. I have seen the video although we had to use version 2 not 1 the problem that we have is when we use upn for our Azure claim we get an internal server error.

 

  • Use the correct active directory attribute that you use for Directory ID (Username) for Claim.

even if i remove the url per ---Please remove the User Infor endpoint from the IDP Configurations in order to work with Arritue Mappers.

 

we still get internal server error. 

for  our directory id i have tried all combinations of username and even email address. 

any thought on what the internal server error is or how i can find out?

thanks

 

Reply