Mapping User Attributes & Claims between Azure AD and Laserfiche Cloud

When a user authenticates to the Laserfiche application, Azure AD issues the application a SAML token with information (or claims) about the user that uniquely identifies them. By default, this information includes the user's username, email address, first name, and last name.

The Unique User Identifier (Name ID) identifier value is a required claim and is important. The default value is user.userprincipalname. The user identifier uniquely identifies each user within the application. For example, if the email address is both the username and the unique identifier, set the value to user.mail.

Note: To learn more about user attributes & claims or how to customize claims in Azure AD, see How to: customize claims issued in the SAML token for enterprise applications.

Attribute Mappings in Laserfiche Cloud

1. Navigate to Laserfiche Cloud and sign in.
2. Click the Settings tab under Account Administration.
3. Click Single Sign-On tab.
4. Click the Attribute Mappings tab.
5. Enter the attribute Name that you specified in Azure AD. Do not use the attribute Value.
6. Once finished, click Save changes.