I was looking for a Microsoft Docs article providing a list of possible source values for SAML claims in Azure AD. I was, however unable to find one. Here’s a list of the standard source values for Azure AD claims available as per today.
In addition to these, custom synced attributes are also allowed in the claims.
- user.assignedroles
- user.city
- user.companyname
- user.country
- user.department
- user.displayname
- user.dnsdomainname
- user.employeeid
- user.extensionattribute1
- user.extensionattribute2
- user.extensionattribute3
- user.extensionattribute4
- user.extensionattribute5
- user.extensionattribute6
- user.extensionattribute7
- user.extensionattribute8
- user.extensionattribute9
- user.extensionattribute10
- user.extensionattribute11
- user.extensionattribute12
- user.extensionattribute13
- user.extensionattribute14
- user.extensionattribute15
- user.facsimiletelephonenumber
- user.givenname
- user.jobtitle
- user.localuserprincipalname
- user.mail
- user.mailnickname
- user.netbiosname
- user.objectid
- user.onmpremisessecurityidentifier
- user.onpremisessamaccountname
- user.onmpremisesuserprinciaplname
- user.othermail
- user.physicaldeliveryofficename
- user.postalcode
- user.preferredlanugauge
- user.state.user.streetaddress
- user.surname
- user.telephonenumber
- user.userprincipalname
I find having a list of these attributes available to share with developers and application suppliers very handy as these are commonly things I receive questions about. This is especially true when moving applications from ADFS to Azure AD.
Would have been a useful list if you had included sample values for them.
Some are special if it is a guest user. Or a microsoft account (principal name).
What is user.mailnickname?
I can guess but this list could have been really useful.