Update
For the latest version of this code please visit msgraph-sdk-powershell-examples.
Deprecated Content
Creating an Azure AD Claim Mapping Policy to map on-premises attributes to a JWT or SAML issued claim using the Microsoft Graph SDK for PowerShell and the New-MgPolicyClaimMappingPolicy and Invoke-MgGraphRequest cmdlets.
An Azure AD Claim Mapping Policy allows available user attributes to be surfaced through a JWT or SAML claim, either directly or through a value transformation. Using the method outlined here, values such as the on-premises ‘sAMAccountName’ can be made available to applications in your tenant that authenticate against Azure AD.
Example Issued Claims
{
"name": "john smith",
"oid": "...",
"preferred_username": "john.smith@sometenant.onmicrosoft.com",
"onpremisessamaccountname": "john.smith" <- added claim
}
PowerShell Code
Note: This code requires the Microsoft Graph SDK for PowerShell.
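The following is an added worked example and not the original page's code: it creates a claims mapping policy that surfaces the synced on-premises sAMAccountName, then binds it to an enterprise application's service principal with a $ref POST through Invoke-MgGraphRequest. The application display name ('Contoso Claims Demo') and the policy display name are constructed placeholders; the cmdlets, Graph URIs and permission scopes are the real ones from the Microsoft Graph PowerShell SDK and the Graph v1.0 API.

```powershell
# Added example, not the original page's code. Assumes the Microsoft Graph
# PowerShell SDK is installed and the target app is already registered.
#Requires -Modules Microsoft.Graph.Authentication, Microsoft.Graph.Identity.SignIns, Microsoft.Graph.Applications

# 1. Sign in with only the delegated scopes needed to create a claims mapping
#    policy and attach it to a service principal.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ApplicationConfiguration', 'Application.ReadWrite.All'

# 2. Build the policy definition. IncludeBasicClaimSet keeps the default claims;
#    the ClaimsSchema entry adds the on-premises sAMAccountName as a JWT claim
#    and as a SAML attribute.
$definition = @{
    ClaimsMappingPolicy = @{
        Version              = 1
        IncludeBasicClaimSet = 'true'
        ClaimsSchema         = @(
            @{
                Source        = 'user'
                ID            = 'onpremisessamaccountname'
                JwtClaimType  = 'onpremisessamaccountname'
                SamlClaimType = 'http://schemas.microsoft.com/identity/claims/onpremisessamaccountname'
            }
        )
    }
} | ConvertTo-Json -Depth 10 -Compress

# 3. Create the policy. -Definition takes an array of JSON strings.
$policy = New-MgPolicyClaimMappingPolicy `
    -DisplayName 'OnPremSamAccountName claim' `
    -Definition @($definition) `
    -IsOrganizationDefault:$false

# 4. Locate the service principal (enterprise app) that should receive the claim.
$appDisplayName = 'Contoso Claims Demo'   # constructed placeholder
$sp = Get-MgServicePrincipal -Filter "displayName eq '$appDisplayName'"
if (-not $sp) { throw "Service principal '$appDisplayName' not found" }

# 5. Bind the policy to the service principal. The $ref endpoint expects an
#    @odata.id body pointing at the policy resource; note the escaped `$ref.
Invoke-MgGraphRequest -Method POST `
    -Uri "https://graph.microsoft.com/v1.0/servicePrincipals/$($sp.Id)/claimsMappingPolicies/`$ref" `
    -Body @{ '@odata.id' = "https://graph.microsoft.com/v1.0/policies/claimsMappingPolicies/$($policy.Id)" }

# 6. Verify which claims mapping policies are now attached to the app.
Get-MgServicePrincipalClaimMappingPolicy -ServicePrincipalId $sp.Id | Select-Object Id, DisplayName
```

Two things to check before expecting the claim to appear: the user object must actually carry a synced onPremisesSamAccountName (populated by Azure AD Connect), and the application registration must have acceptMappedClaims set to true or use a custom signing key, otherwise token issuance fails with an AADSTS50146 error rather than silently omitting the claim. Because mapped claims often feed authorization decisions in the relying application, it is worth enumerating existing policies with Get-MgPolicyClaimMappingPolicy during reviews so that unexpected mappings are noticed.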