If you have followed the documentation for ADFS Integration with WS1, you configured the WS1 to send “${user.domain}\${user.userName}” as the NameID. However, you will probably need to send additional attributes in case other applications are looking for things like UPN. The following is how you would configure this:
- Under Attribute Mapping, enter the Name of the Attribute using Microsoft Schema syntax. The following is a list of common attributes:
- Enter the Attribute Name and the matching value:
ADFS Configuration
- Under Claims Provider Trusts, edit the claims for the Workspace ONE Claims Provider Trust
- Add a Rule
- Select the attribute and pass all values.
- Save
- In the Relying Party Trust
- Edit the claims
- Create a New Transform Rule to Set the NAME to the UPN