Office 365

Supported attributes reference

The following table consists of the attributes that can be mapped on a user during provisioning.

userPrincipalName

The user principal name (UPN) of the user. The UPN is an Internet-style login name for the user based on the Internet standard RFC822.

This must match the domain configured in the Azure environment.

displayName

The name displayed in the address book for the user. This property is required when a user is created and it cannot be cleared during updates.

mailNickname

The mail alias for the user. This property must be specified when a user is created.

city

The city in which the user is located.

country

The country/region in which the user is located; for example, "US" or "UK".

department

The name for the department in which the user works.

facsimileTelephoneNumber

The telephone number of the user’s business fax machine.

givenname

The given name (first name) of the user.

jobTitle

The user’s job title.

mobile

The primary cellular telephone number for the user.

To update a user’s mobile number, the Office 365 Connector requires elevated permissions. To elevate these permissions please see O365 Connector: Mobile attribute updates. If you do not wish to elevate these permissions, please make the mobile attribute Create-Only when configuring the connection’s attribute mappings.

physicalDeliveryOfficeName

The office location in the user’s place of business.

postalCode

The postal code for the user’s postal address. The postal code is specific to the user’s country/region. In the United States of America, this attribute contains the ZIP code.

perferredLanguage

The preferred language for the user. Should follow ISO 639-1 Code; for example "en-US".

state

The state or province in the user’s address.

streetAddress

The street address of the user’s place of business.

surname

The user’s surname (family name or last name).

telephoneNumber

The primary telephone number of the user’s place of business.

usageLocation

Required for the licensing feature. Needs to be mapped to an attribute that contains the ISO-3166 formatted country (a two letter country code) of license usage.

Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. Examples include: "US", "JP", and "GB".

userType

A string value that can be used to classify user types in your directory, such as "Member" and "Guest".

password

Map password to a field so the content will become the user’s initial password instead of the less secure default. The field can also be set to a static default value.

This field is required when a user is created. It can not be updated, but the user can be forced to update their password on their next login by setting their resetPassword field to true.

The password must satisfy minimum requirements as specified by the user’s passwordPolicies property. By default, a strong password is required.

resetPassword

Determines if a user needs to do a password reset the next time they login. Default value is true, but can be mapped to an attribute.

manager

Required for the manager feature. Sets the user DN of the associated manager.

pingSourceDn

Required for the manager feature. A custom field that we set on a user in Azure, which holds the user’s DN from AD and is used to lookup users in Azure in order to set the manager field on a user in Azure.

Sets the user DN. Users and managers must be created or updated with the pingSourceDN information for the manager association to succeed.

skuId

Required for the licensing feature. Can be mapped in PingFederate to a single or multi-valued attribute in LDAP. Used for the IDs or names of the license(s) assigned to users. The usageLocation field must also be set for a license to be successfully assigned.

disabledPlans

Part of the licensing feature. Can be mapped in PingFederate to a single or multi-valued attribute in LDAP. Used for the IDs or names of disabled plans for individual users’ licenses.

immutableId

This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user’s userPrincipalName (UPN) property. This field can not be updated by the Office 365 Connector.

otherMails

A list of additional email addresses for the user.