A prerequisite to configuring the ADFS Relying Party Trust for Loome Identity is that the following Claim Description exists in ADFS. If your ADFS is already federated with Azure AD, it is usually present, because the Azure AD federation rules issue the same ImmutableID claim type; check for it before adding it so you do not create a duplicate.
| Display name | Claim type (identifier) |
|---|---|
| Source user ID | http://schemas.microsoft.com/LiveID/Federation/2008/05/ImmutableID |
This is the custom claim rule (ADFS claim rule language) to add to the issuance transform rules of the Loome Identity Relying Party Trust. It takes the authenticated user's Windows account name, as issued by AD AUTHORITY, and queries the Active Directory attribute store for the listed attributes, issuing them as claims. The `types` list and the attributes in `query` are matched positionally: givenName, sn, displayName, mail, userPrincipalName, sAMAccountName and objectGUID become givenname, surname, name, emailaddress, upn, nameidentifier and ImmutableID respectively, so keep both lists in the same order and with the same count. Note that objectGUID is a binary attribute and is issued base64 encoded, and that it is the ImmutableID claim, not the sAMAccountName-based nameidentifier, that should be used to link a user to a Loome Identity account: account names can be renamed or reused, whereas objectGUID is stable for the lifetime of the directory object.
```
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname",
   Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
                   "http://schemas.microsoft.com/LiveID/Federation/2008/05/ImmutableID"),
          query = ";givenName,sn,displayName,mail,userPrincipalName,sAMAccountName,objectGUID;{0}",
          param = c.Value);
```