Reputation: 111
I'm trying to automate the bulk configuration of SAML enterprise applications in AzureAD via the Microsoft Graph API in PowerShell.
I'm able to create the app and assign users/groups to it using PowerShell.
But the changes made to Attributes and Claims using PowerShell aren't reflected in the portal. I created a claims mapping policy using the command (New-MgPolicyClaimMappingPolicy) and tried assigning it to an app (ServicePrincipal) using the command New-MgServicePrincipalClaimMappingPolicyByRef; it is updated when I use Get-MgServicePrincipalClaimMappingPolicy.
But in the portal it shows the old default values and it doesn't allow me to update it in the portal. It says "The configuration was overwritten by a claim mapping policy created via Graph/PowerShell".
The claims updated via PowerShell aren't reflected here in the portal; it shows the default values.
Also, it disabled the updating of attributes in the portal.
After bulk creation of apps and updating the attributes/claims for multiple apps using PowerShell automation, I want it to be reflected in the portal for administrators to view/update the attributes in the future.
Specifically, I want to programmatically update the Attributes/Claims for multiple (hundreds of) SAML apps and have the changes reflected in the Azure portal.
Is there a solution to achieve this?
Thanks in advance.
Upvotes: 3
Views: 1362
Reputation: 645
To configure and automate SAML-based single sign-on for your application using the Microsoft Graph API:
For more information: https://learn.microsoft.com/en-us/graph/application-saml-sso-configure-api?tabs=http%2Cpowershell-script
Upvotes: 0
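Since the question reports that the portal keeps showing default values once a claims mapping policy is assigned, the assigned claims can be read back from Graph for review. This is an added example, not code from either post; the function names and the sample policy definition are constructed for illustration, and it assumes the Microsoft.Graph PowerShell module with read access to applications and policies.

```powershell
# Added example: list the claims defined by claims mapping policies on SAML apps.
# To query a tenant, sign in first, for example:
#   Connect-MgGraph -Scopes 'Application.Read.All','Policy.Read.All'

function ConvertFrom-ClaimsMappingDefinition {
    # Flatten one policy definition (a JSON string) into one row per claim.
    param([Parameter(Mandatory)][string]$Definition)
    $policy = ($Definition | ConvertFrom-Json).ClaimsMappingPolicy
    foreach ($claim in $policy.ClaimsSchema) {
        [pscustomobject]@{
            IncludeBasicClaimSet = $policy.IncludeBasicClaimSet
            Source               = $claim.Source
            SourceId             = $claim.ID
            SamlClaimType        = $claim.SamlClaimType
        }
    }
}

function Get-SamlAppClaimsReport {
    # Hypothetical helper: one row per claim per policy per SAML service principal.
    $samlApps = Get-MgServicePrincipal -All -Property Id, DisplayName, PreferredSingleSignOnMode |
        Where-Object { $_.PreferredSingleSignOnMode -eq 'saml' }
    foreach ($sp in $samlApps) {
        $policies = @(Get-MgServicePrincipalClaimMappingPolicy -ServicePrincipalId $sp.Id)
        if ($policies.Count -eq 0) {
            # No policy assigned through Graph/PowerShell for this app.
            [pscustomobject]@{ App = $sp.DisplayName; Policy = '(none assigned)'
                               Source = $null; SourceId = $null; SamlClaimType = $null }
            continue
        }
        foreach ($p in $policies) {
            foreach ($def in $p.Definition) {   # Definition is a collection of JSON strings
                ConvertFrom-ClaimsMappingDefinition -Definition $def |
                    Select-Object @{ n = 'App'; e = { $sp.DisplayName } },
                                  @{ n = 'Policy'; e = { $p.DisplayName } },
                                  Source, SourceId, SamlClaimType
            }
        }
    }
}

# Constructed sample definition, so the parser can be tried without a tenant.
$sample = '{"ClaimsMappingPolicy":{"Version":1,"IncludeBasicClaimSet":"true",' +
          '"ClaimsSchema":[{"Source":"user","ID":"userprincipalname",' +
          '"SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"}]}}'
ConvertFrom-ClaimsMappingDefinition -Definition $sample | Format-List

# With a signed-in Graph session:
#   Get-SamlAppClaimsReport | Format-Table -AutoSize
```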