Email from AzureAD has not updated to email attributes on User Table. #310

Open
technqvi opened this issue Nov 30, 2023 · 2 comments

technqvi commented Nov 30, 2023

I applied the django-auth-adfs package to perform 2-factor authentication on Azure AD.
Hi,
I got an Azure engineer to configure the following link; it works well.
azure_ad_config_guide

All attributes except email have been synchronized from Azure AD to the User table in Django correctly. Why has the email from Azure AD not been updated in the email attribute on the User table like the other fields?

The main point is that I am not sure whether the field mapping between Azure AD and the User table is correct or not.

This is my configuration in settings.py. To map to Azure AD, my Azure engineer recommends 'email': 'mail' instead of 'email': 'email'.
But I tried it out and nothing happened; the email is still empty.


```python
# check out the documentation for more settings
AUTH_ADFS = {
    'AUDIENCE': 'xxxx',
    'CLIENT_ID': 'yyyy',
    'CLIENT_SECRET': 'xxxxx',
    'CLAIM_MAPPING': {'first_name': 'given_name',
                      'last_name': 'family_name',
                      'email': 'mail'},
    'GROUPS_CLAIM': 'roles',
    'MIRROR_GROUPS': True,
    'USERNAME_CLAIM': 'upn',
    'TENANT_ID': 'xxxxx',
    'RELYING_PARTY_ID': 'xxxx',
}
```


JonasKs commented Nov 30, 2023

You can decode an access token at https://jwt.io and see what is sent with the token. I suspect either there is no email sent, or the mapping is wrong.
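
Added example (not from the issue thread or the django-auth-adfs project): the check suggested above can be done offline, so a live access token never has to be pasted into a website, by decoding the JWT payload and comparing it with the `CLAIM_MAPPING` from the posted settings. The function names and the sample token are constructed for illustration; the payload is decoded without signature verification, for inspection only.

```python
import base64
import json

# Mapping copied from the settings.py posted in the issue.
CLAIM_MAPPING = {"first_name": "given_name", "last_name": "family_name",
                 "email": "mail"}


def decode_claims(token: str) -> dict:
    """Return a compact JWT's payload claims WITHOUT verifying the signature.

    For local inspection only; never base an authentication decision on it.
    """
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def audit_mapping(claims: dict, mapping: dict) -> dict:
    """Report 'ok', 'missing' or 'empty' for the claim behind each user field."""
    report = {}
    for field, claim in mapping.items():
        if claim not in claims:
            report[field] = "missing"
        elif claims[claim] in ("", None, []):
            report[field] = "empty"
        else:
            report[field] = "ok"
    return report


def _b64url(obj: dict) -> str:
    """Encode a dict as an unpadded base64url JSON segment (sample data only)."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample token (not from the issue): has 'email' but no 'mail' claim.
SAMPLE_CLAIMS = {"upn": "alice@example.com", "given_name": "Alice",
                 "family_name": "Example", "email": "alice@example.com"}
SAMPLE_TOKEN = ".".join([_b64url({"alg": "RS256", "typ": "JWT"}),
                         _b64url(SAMPLE_CLAIMS), "placeholder-signature"])

if __name__ == "__main__":
    for field, status in audit_mapping(decode_claims(SAMPLE_TOKEN), CLAIM_MAPPING).items():
        print(f"{field:<10} <- claim {CLAIM_MAPPING[field]!r}: {status}")
```

A field reported as `missing` means the token carries no claim with the mapped name, so either the mapping or the token configuration on the identity provider side has to change.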


technqvi commented Nov 30, 2023

> You can decode an access token at https://jwt.io and see what is sent with the token. I suspect either there is no email sent, or the mapping is wrong.

From what you advised, I suppose it is relevant to the latter, which involves 'email': 'mail' instead of 'email': 'email'.
Now I am asking an Azure engineer in the company I work for, who is in charge of Azure AD, to check the email field mapping again.

I will let you know if there is any progress.
