I was looking for a Microsoft Docs article providing a list of possible source values for SAML claims in Azure AD. I was, however unable to find one. Here’s a list of the standard source values for Azure AD claims available as per today.
In addition to these, custom synced attributes are also allowed in the claims.
- user.assignedroles
- user.city
- user.companyname
- user.country
- user.department
- user.displayname
- user.dnsdomainname
- user.employeeid
- user.extensionattribute1
- user.extensionattribute2
- user.extensionattribute3
- user.extensionattribute4
- user.extensionattribute5
- user.extensionattribute6
- user.extensionattribute7
- user.extensionattribute8
- user.extensionattribute9
- user.extensionattribute10
- user.extensionattribute11
- user.extensionattribute12
- user.extensionattribute13
- user.extensionattribute14
- user.extensionattribute15
- user.facsimiletelephonenumber
- user.givenname
- user.jobtitle
- user.localuserprincipalname
- user.mail
- user.mailnickname
- user.netbiosname
- user.objectid
- user.onmpremisessecurityidentifier
- user.onpremisessamaccountname
- user.onmpremisesuserprinciaplname
- user.othermail
- user.physicaldeliveryofficename
- user.postalcode
- user.preferredlanugauge
- user.state.user.streetaddress
- user.surname
- user.telephonenumber
- user.userprincipalname
I find having a list of these attributes available to share with developers and application suppliers very handy as these are commonly things I receive questions about. This is especially true when moving applications from ADFS to Azure AD.
Would have been a useful list if you had included sample values for them.
Some are special if it is a guest user. Or a microsoft account (principal name).
What is user.mailnickname?
I can guess but this list could have been really useful.
I agree with Søren – I found this article when I google searched for one of the attributes, hoping to know how it’s used in Azure. The list is helpful for someone, but seeing an example would make it helpful to even more!