Reputation: 61
Missing Username on users signed-up in Azure AD
I have integrated Azure authentication in my project, it working good so far but, when I checked my azure ad users the username is showing unknown, I search every where but I can't found any suitable result that tells me what is the reason and problem, Azure signin_signup policy working good, when I was testing the policy first I signup and then I sign-in, when login is successfully I decode the token of the azure token and I found both name but not azure ad user name is unknown.
Upvotes: 0
Views: 609
Answers (1)
Reputation: 5159
• Since, you are using Azure AD B2C custom policies regarding ‘Signup and Signin’, which are working fine but when you are trying to decode the token received for information in it, you are not getting information on the ‘username’ of the signed in user, it is because of the ‘Validation Technical Profile’ section being executed before the ‘OutputClaimsTransformation’ section. Thus, when signing up with an Azure AD local user account, the ‘LocalAccountSignUpWithLogonEmail’ technical profile is used which includes ‘AAD-UserWriteUsingLogonEmail’ technical profile as the validation technical profile. As a result, if you check the ‘AAD-UserWriteUsingLogonEmail’ technical profile in your signin-signup policy, you can see that in your ‘PersistedClaim ClaimTypeReferenceId="displayName" DefaultValue="unknown" />’ is stated. As a result, since the validation technical profile runs before ‘OutputClaimTransformation’, you are getting the ‘DefaultValue’ of ‘unknown’.
Thus, the claims transformation profile should be as below in your signup-signin policy: -
<ClaimsTransformation Id="CreateDisplayNameFromFirstNameAndLastName" TransformationMethod="FormatStringMultipleClaims">
<InputClaims>
<InputClaim ClaimTypeReferenceId="givenName" TransformationClaimType="inputClaim1" />
<InputClaim ClaimTypeReferenceId="surName" TransformationClaimType="inputClaim2" />
</InputClaims>
<InputParameters>
<InputParameter Id="stringFormat" DataType="string" Value="{0} {1}" />
</InputParameters>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="displayName" TransformationClaimType="outputClaim" />
</OutputClaims>
</ClaimsTransformation>
• Accordingly, ensure that the ‘Technical profile’ is also updated in your ‘LocalAccountSigninSignup’ custom policy as shown below and add ‘Validate-DisplayName’ technical profile as validation technical profile under ‘LocalAccountSignUpWithLogonEmail’ technical profile as mentioned below (in same order): -
<ValidationTechnicalProfiles>
<ValidationTechnicalProfile ReferenceId="Validate-DisplayName" />
<ValidationTechnicalProfile ReferenceId="AAD-UserWriteUsingLogonEmail" />
</ValidationTechnicalProfiles>
Thus, this would help you to resolve this issue of getting ‘unknown’ in the username. For more information, kindly refer the below link: -
Upvotes: 1
Related Questions
- Azure Active Directory Multi-tenant: User doesn't exist in tenant
- Azure Active Directory Domain Services - Use AAD Connect and then Remove It to Populate Users
- Username login to Active Directory not correct
- How to identify user of azure ad user uniquly
- Missing Username on users signed-up with custom identity providers
- Azure AD B2C - Local IDP with "Username" not providing username claim
- AdalException AADSTS90122: User identifier is not present
- User.Identity.Name is different before and after publishing to Azure
- No given name or surname claim when using Azure Active Directory OAuth
- Azure AD : Account doesn't exist when user exists in ADim