Is there any option to get own fields (change fileds name, add alias or sth)? In https://graph.microsoft.com/oidc/userinfo there were some fields like sub, amr, aio returned in JSON. Fields are needed by third party extension in XWIKI (not easy to fix it) :/ Fields not appear in https://graph.microsoft.com/v1.0/me
I need to get all of them in JSON. I there any option to change returned filed name to own? Or maybe return missing fields as new fields? Values of those fields can be static, provided in URL link.... Fields just need to appear and it doens't matter what values will appear there.
Or maybe is there any option to get more fields using:
https://graph.microsoft.com/oidc/userinfo
https://login.microsoftonline.com/{tenant}}/openid/userinfo
like:
mailNickname
onPremisesSamAccountName
?
So there will bo no need to use Graoh v1.0 :)
I'm afraid it's not supported to extend fields with https://graph.microsoft.com/oidc/userinfo endpoint currently.
If possible you could get the additional fields through https://graph.microsoft.com/v1.0/me and handle sub information from https://graph.microsoft.com/oidc/userinfo with them together in your own code.
Similar posts for your reference:
Azure AD: OpenId Connect v2 - UserInfo not returning username, etc.
azure AD, How to add user claims for OIDC /userinfo request
Related
hi I created the custom claim for that so please check the below claim which is created by me:
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"] =] issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"), query = "(&(objectClass=user)(objectCategory=person));mail,givenName;{0}", param = c.Value);
But in this case, I got all emails in an outgoing claim (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress ), Also get all the givenname in another outgoing claim (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname).
Please check the below Screenshot of how I got the values of email and name right now from the adfs using code of C#.
https://learn.microsoft.com/en-us/answers/storage/attachments/137282-image.png
But I need in a single outgoing claim like email= abc#gmail.com, Givenname=abc (with any comma separate or any separator), I need both email and given name in one single outgoing claim.
I already generate this same in the Microsoft Ignite forum: https://learn.microsoft.com/en-us/answers/questions/566015/how-to-get-all-users-of-adfs-with-all-attributes-e.html
Can you please help me to get all user's details from adfs using windows account login and get all user's details?
Thanks
You can't out of the box.
That's not how claims work.
You could use a custom attribute store.
You could also combine the claims into a single type.
See this under "Combining Claim Values".
When calling the latest (version 2020-01-01) azure tenants api (management.azure.com/tenants) I don't see the same properties in the response as I get when using the "Try it" feature on the "Tenants - List" page in the online Azure REST documentation.
The response that I get only contains the "id", "tenantId" and "tenantCategory" properties. So the cool stuff like countryCode, domains, displayName, etc. are missing. I was using an older api version before which only included the "id" and "tenantId" properties so I do see the additional "tenantCategory" property at least.
When calling the 2020-01-01 version of the subscriptions list API in my code I do get all the same properties that I see when I use the "Try it" feature.
Has anyone else experienced this issue or know what could be the cause?
Thanks in advance!
I tried with https://management.azure.com/tenants?api-version=2020-01-01 in Try it, it returned the properties. Try to use 2020-05-01, 2020-06-01 or 2020-07-01 versions. They all worked for me.
When using Postman to call the API:
So it turns out that if you request the token under user context and use that as bearer token in the authorization header of the API call you get all the properties in the response, i.e. the same properties as you see when using the "Try it" feature online. But in my app I'm requesting it under the application context and then the expected behaviour is to only return the "id", "tenantId" and "tenantCategory" properties. So the tenants api is a bit different than the others and it's supposed to be that way.
I'm retrieving user information using the graph API (https://graph.microsoft.com/v1.0/me), but I'm only getting very little information:
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#users/$entity",
"id": "e163a120378.....",
"userPrincipalName": "myemail#example.com"
}
(Omitting properties with null values)
I'm sure that this user has at least a name (and probably some other properties), and I am expecting it to be included in the response, but it's not.
The access token used for the request was requested with scope https://graph.microsoft.com/User.Read, using the token enpoint https://login.microsoftonline.com/common/oauth2/v2.0/authorize. I've tried many other scopes, without results.
How do I retrieve user information with more details, like a name?
To resolve this issue, you'll want to update this account's profile with First Name and Last Name via https://profile.live.com. Once populated, these values will surface within Graph.
There are multiple systems backing Microsoft Accounts. Graph is pulling the profile data from Outlook.com. The https://profile.live.com site holds the Outlook Profile which that Graph is reading from. Once a user visits Outlook.com, all of the profile data is provisioned and then synced with https://account.microsoft.com. Prior to that however, the Profile isn't fully populated.
I need to be able to filter the templates that my organization has in docusign after I make a getTemplates API call. Right now we are filtering by folder name, but this solution is not ideal. Templates can easily get moved and the folders are created by the individual user not by organization, so every user in our organization would have to create the same folder structure.
Is there a way to add a custom data to a template? Ideally, this field would be returned with the JSON Response from DocuSign. Something like:
JSON Response from DocuSign
{
"envelopeTemplates": [
{
"allowMarkup": "sample string 30",
... other standard template properties ...
"customMetaData": {
"foo": "bar" // what ever the user wants to add here
}
}
]
}
Or does anyone have a better idea for filtering templates?
There are two possible ways to add the metadata to the template
TemplateCustom Fields let you specify metadata that gets associated at the Template level. This data isn't visible to recipients; it's just extra metadata that you can associate with an template and query later (via API). See here for more info.
Document Custom Fields let you specify metadata that gets associated at the Document level. This data isn't visible to recipients in any way; it's just extra metadata that you can associate with a specific Document and query later (via API). See here for more info.
It is possible to add custom data to a given template by adding a "Custom Field". See here how to Add Custom Document Fields to a Template Document
How can I get a JSON object with teams (organizations) where the user is member?
I am searching in documentation and in Bitbucket REST API Console.
Basically I need the correspondent for orgs.getFromUser function from Github API where I pass the username after authenticating.
I think you're looking for this endpoint.
You provide the accountname and authenticate for it, and GET /1.0/groups/:accountname/. It will return a list of objects displayed on the documentation page.
Use the "User Endpoint" for API 1.0
https://confluence.atlassian.com/display/BITBUCKET/user+Endpoint
The call your looking for is: https://bitbucket.org/api/1.0/user/privileges
You need to call this with user authenticated:
curl -u "USER_NAME:USER_PASSWORD" https://bitbucket.org/api/1.0/user/privileges
This will return a list of teams:
{u'teams': {u'team1': u'admin', u'team2': u'admin'}}