Create Claims Mapping Policy



  • Select a Tenant - Select the Azure Active Directory (AAD) tenant for which you would like to create the claims policy.

  • Policy Name - Provide a unique and descriptive identifier for the claims policy.

  • Policy Friendly Name - Provide a user-friendly label or "Display Name" that represents the claims policy in the application's user interface.

  • Include Basic Claim Set - Select whether to include the basic set of claims in the policy. The basic claim set typically includes standard claims like user ID, email address, display name, and roles.

  • Select a Location - Select a location in EmpowerID for the application. This location is for RBAC delegation only. If a location is selected by default and you wish to change it, click the link for the location, then search for and select the desired location from the Location tree.

  • To add Azure claims, configure the Source Claims by entering values for source claims from the user, application, resource, audience, and company. Click the Source Claim tab and provide the following information.

    • Source Attribute - Specify the attribute from the Azure provider that will be used as the source for mapping claims.

    • SAML Claim Type - Provide the claim type used in the SAML (Security Assertion Markup Language) protocol.

    • SAML Name Format - Specify the format for the name identifier in the SAML claim.

    • JWT Claim Type - Select the claim type used in JSON Web Token (JWT) authentication.


       

  • To add more claims, click the "Add New Item" button and enter the details. You can also add extension attribute claims to the mapping policy.


     

  • Next, configure the static claims for the mapping policy by entering the static claim values as data. Click the Static Claims tab and provide the following information.

    • Claim Value - Specify the claim value to return for the static claim.

    • SAML Claim Type - Provide the claim type used in the SAML (Security Assertion Markup Language) protocol.

    • SAML Name Format - Specify the format for the name identifier in the SAML claim.

    • JWT Claim Type - Select the claim type used in JSON Web Token (JWT) authentication.

       

  • To add more claims, click the "Add New Item" button and enter the details.




Before proceeding, review the summary information. The summary shows the basic information and claims so that you can verify that the correct inputs have been provided to create the claims mapping policy.
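The review step above can also be scripted. The following is an added example, not EmpowerID code: it assembles the source and static claims into the JSON shape Azure AD uses for a claims mapping policy definition and reports inputs worth questioning before the policy is created. The input keys (`source`, `attribute`, `value`, `saml_type`, `jwt_type`) and the sample values are hypothetical, and whether EmpowerID stores the policy in this exact shape is an assumption.

```python
import json

# Source values named in the Source Claims step above.
ALLOWED_SOURCES = {"user", "application", "resource", "audience", "company"}

def build_policy(include_basic, source_claims, static_claims):
    """Return (definition_json, problems) for the collected inputs."""
    problems, schema, seen = [], [], set()
    for kind, claims in (("source", source_claims), ("static", static_claims)):
        for n, claim in enumerate(claims, 1):
            label = f"{kind} claim {n}"
            types = {"SamlClaimType": claim.get("saml_type"),
                     "JwtClaimType": claim.get("jwt_type")}
            types = {k: v for k, v in types.items() if v}
            if not types:
                problems.append(f"{label}: no SAML or JWT claim type")
            for proto, ctype in types.items():
                # Two entries emitting one claim type leave the relying
                # party guessing which value is authoritative.
                if (proto, ctype) in seen:
                    problems.append(f"{label}: duplicate {proto} {ctype}")
                seen.add((proto, ctype))
            if kind == "source":
                if claim.get("source") not in ALLOWED_SOURCES:
                    problems.append(f"{label}: unknown source {claim.get('source')!r}")
                if not claim.get("attribute"):
                    problems.append(f"{label}: missing source attribute")
                entry = {"Source": claim.get("source"), "ID": claim.get("attribute")}
            else:
                if not claim.get("value"):
                    problems.append(f"{label}: missing claim value")
                entry = {"Value": claim.get("value")}
            schema.append({**entry, **types})
    definition = {"ClaimsMappingPolicy": {
        "Version": 1,
        "IncludeBasicClaimSet": "true" if include_basic else "false",
        "ClaimsSchema": schema}}
    return json.dumps(definition, indent=2), problems

# Constructed sample inputs (not taken from a real tenant).
SOURCE = [{"source": "user", "attribute": "employeeid",
           "saml_type": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/employeeid",
           "jwt_type": "employeeid"}]
STATIC = [{"value": "EmpowerID", "jwt_type": "idp_name"}]

if __name__ == "__main__":
    text, issues = build_policy(True, SOURCE, STATIC)
    print(text)
    print(issues or "no problems found")
```

A static claim that reuses a claim type already mapped from a source attribute is the case to look for in the summary, since the application receiving the token cannot tell which value to trust.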
