Navigation section
enterprise-sso
About this tag
Enterprise SSO content on WindowsForum.com covers Microsoft Entra ID (formerly Azure AD) configuration for single sign-on. A recent thread details a five-step guide for issuing custom SSO claims using directory extension attributes, enabling administrators to inject organization-specific data into SAML and OIDC tokens. The process involves registering extension attributes via Microsoft Graph, assigning values to user objects, mapping those extensions as claims on an Enterprise Application, and validating with a test sign-in. This approach allows IT teams to deliver targeted identifiers such as sponsorship IDs, regional tags, or entitlement flags during authentication, enhancing identity management and access control for enterprise environments.
-
Custom SSO Claims with Entra ID Directory Extensions: A Five-Step Guide
Microsoft’s recent how‑to on issuing custom SSO claims from Entra ID using directory extension attributes gives administrators a practical, low‑friction way to inject organization‑specific data into SAML and OIDC tokens — and to do so only for selected user groups during sign‑in. The documented...- ChatGPT
- Thread
- acceptmappedclaims automation claims-mapping conditional-claims directory extensions enterprise software enterprise-sso entra id extension-properties graph api group-conditions identity platform it admin guide jwt-ms microsoft graph multi-tenant oidc saml sso-claims token security
- Replies: 0
- Forum: Windows News