Claims Language Question

  • Question

  • Hi all

    Can anyone point me to a definitive source for the syntax and grammar of the claims language as used in ADFS?

    I need something with specific examples of certain use cases.

    For example, I have a SQL database containing the employee number attribute for all my users. The database also contains their UPN.

    I would like to create a claim rule that will send back the employee number if the UPN in AD matches the UPN in the SQL database.

    I've been scratching my head for a while with no luck.

    The claim language currently looks like this:

    c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/userprincipalname"]
     => issue(store = "ADFSDEMO", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/EmployeeID"), query = "SELECT EmployeeID from dbo.attributes where UserPrincipalName = {0}", param = c.Value);

    Can anyone assist?

    Regards

    Peter

    Tuesday, August 2, 2016 11:57 AM

Answers