PingOne automatically populates required SAML attributes.
For Microsoft 365, the required attributes are:
subject: maps to the
userPrincipalNameActive Directory attribute.
guid: maps to the
objectGUIDActive Directory attribute.Note: Microsoft has updated the default
sourceAnchorattribute to use
ms-DS-consistencyGUIDby default. To determine which option is best for your organization, see Azure AD Connect: Design concepts in the Microsoft documentation.
- To add an additional optional attribute, click Add new attribute.
- In the Application Attribute field, enter the attribute name as it appears in the application.
In the Identity Bridge Attribute or Literal Value field,
choose one of the following:
- To map to the application attribute: Enter or select a directory attribute.
- To assign to the application attribute: Select As Literal, then enter a literal value.
To create advanced attribute mappings, click
For more information, see Create advanced attribute mappings.