Additional Mappable AD Attributes for SAML SSO
We've just implemented SAML SSO using our Azure federated domain. As of now the only fields that are pulled when a user logs in are:
- First Name
- Last Name
- Phone (Cell and Office)
- Office (Location)
3 people like this idea
Thanks for explaining your requirement. We have received similar requests from other users already and we have included this in our longterm roadmap. I'll post an update once we start development.
Freshservice Product Team
I am also using Azure federation and I have First, Last, Email, Phone Numbers, Reporting Manager, Department, and Title's pulling into FreshService. I couldn't figure out how to get the Office to come but I didn't spend more than a few minutes setting this up.
To get the department and titles I just added those attributes to the Azure Application SAML Tokens
This wouold be helpful for us as well.
@Kevin: as a workaround (assuming you haven't already thought of this), you could use some custom AD attributes and the Discovery probe. We use SAML SSO via Office 365 which is good for the Requestors and avoids the need to register. We use the AD probe with some custom fields to bring in the extra data from AD that we want.
Thanks Adam, Nicholas, for chipping in with recommendations.
@Nicholas, We do not support this as of now (We only support updating name, email and phone). Have you faced any issues updating the department / Title for users after configuring the attributes in Azure? Also, do you have any other mode of user sync such as the AD sync using the probe enabled?
I have tried to update the phone via SAML ADFS. What outgoing claim attribute is the correct one for the office phone number?
I have used phone as attribute. This failed.
It would be great if you extend the attributes in a next version.
Dennis, 'phone' is the correct attribute. Please raise a support ticket and we can troubleshoot the issue.
Folks, we now support updating all the default requestor attributes using SAML SSO.
You can find more information here
The new list of attributes supported:
We just created SSO with office 365 and FreshService.
When a user logs in to fresh service using O365 credential, it does not get the first name and last name from O365. Instead it take firstname as username (without @domain.com) form O365. Below is the configuration screenshot. Appreciate your help.
The namespace mapping is the problem here. Please remove the configuration given in NAMESPACE (Ensure that the NAMESPACE field is empty) and everything would work fine.
What is the Azure AD attribute name for Reporting Manager? I don't see anything in the list it pulls from AD that would correlate to a manager/supervisor?
In the Source Attributes under Manage Claim I don't see any of the following:
Is there a way to make them available, as we obviously have the fields within AD?
I would also like to see how to get:
Report Manager from Azure AD SAML Claims