Not getting upn (unique principal name) in claims in Azure AD authentication

4
votes

I am using Azure AD Authentication for my application for WEB API and I am able to get and ClaimsPrincipal and claims from token but I am not getting the "upn" ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"), in the claims.

I need upon for alias. Anybody have any Idea how can I get claims.

2
azureazure-active-directoryupn

2 Answers

2
votes

You will get UPN in claims only if you are the user of that Azure Active Directory if you are listing as other user to that directory, you will not get UPN in claims.

For experiment you can create a user in the directory with "New user in your Organization" as Type of User and then try login in with new user and see you will get UPN now.enter image description here

4
votes

If you don't get the UPN, you are likely authenticating as a MSA account (Microsoft Account, formerly known as Live ID). Tokens issued for those accounts won't have the UPN claim. You can explore the claims list to see if any of the other claims there can suit your needs.