How do I customize attribute mappings for SAML2 Single Sign-on (SSO - Authentication) / auto-provisioning (SCIM) in the Azure / Entra enterprise application?

Modified on Thu, 25 Sep at 7:58 AM

In some instances, customer may wish to map different attributes when importing and synchronizing users from the Azure/Entra/O365 Active Directory instance.

For example, customers may wish to map the Department field to the state attribute and the Title field to the city attribute. This would allow them to assign and report on training assigned by city or state.

Other customers store information they may wish to map to one of the attributes in a different attribute in the Directory. For example, mapping the title field to the description attribute.

Always follow the most current documentation from Microsoft. If the steps below or interface have changed since the posting of this article, please let us know by sending an email to infosec_awareness@fortinet.com and we will update the article.

Here are the steps recorded at the time of the posting of this article:

1) Log in to the portal.azure.com Entra admin interface and go to Enterprise Applications.

2) Find the Fortinet Security Awareness and Training Service enterprise application and select it.

3) From the Manage navigation menu item, then click on the Provision Microsoft Entra ID Users link.

The Attribute Mapping page is displayed:

4) Scroll down and modify the attribute mappings as required.