none
Latest claim changes - what have I done wrong? RRS feed

  • Question

  • I have just rather belatedly updated my application to reflect the content of the upcoming changes document.  My bad - I only spotted the changes were coming when my application broke, so I'm looking at things rather late in the day.

    Specifically, I have:

    • updated the WS-FederationMetadata endpoint in web.config,
    • removed PUID and changed the app to use ObjectId instead,
    • removed UPN and changed the app to use Name instead,
    • amended the TenantId claim.

    Hopefully that all makes sense.  Looking at the claims coming back from WAAD, I can see that TenantId has changed.  I can see that PUID has gone.  But there is no sign of ObjectId, which is obviously rather crucial for me.  This is how the claims look:

    Interesting to note that the tenant id is "microsoft.org" and not "microsoft.com" as indicated in the release notes on the forum.  I can't help wondering whether this is something to do with me using "Office 365 AD" rather than "Azure AD" - as I know we found some subtle differences before.

    Some guidance on how to find ObjectId would be really appreciated so that I can mend my application!

    Thanks,  Nick.


    • Edited by Nick Locke Saturday, March 23, 2013 8:29 AM Typo!
    Saturday, March 23, 2013 8:28 AM

Answers

  • ObjectID should be available now, though I suspect you probably found out the hard way as well. Our apologies for that.

    The "Microsoft.org" issue was a known bug that was hotfixed around the time you noticed it.

    Monday, April 8, 2013 5:07 PM

All replies

  • Spent some time this morning working through this, even to the point of creating a completely new MVC4 Internet application.

    Whatever I do, I am not getting an ObjectId claim back from WAAD. 

    So, I am now really starting to think that it's somehow related to me using an "old" Office 365 AD.

    Clues welcome, please as without the ObjectId claim, I can't follow the guidance to use ObjectId as the correct way to identify a user within my application.

    Thanks,  Nick.

    Sunday, March 24, 2013 10:38 AM
  • This morning, there is a small step in the right direction.  The TenantId claim is now coming from microsoft.com as originally expected.  A good move, although it broke my application again until I realised what was going on.

    Was this breaking change noted anywhere?  If it was, I can't find it!

    Any news on when ObjectId might appear?

    Thanks,

    Nick

    Thursday, March 28, 2013 7:24 AM
  • ObjectID should be available now, though I suspect you probably found out the hard way as well. Our apologies for that.

    The "Microsoft.org" issue was a known bug that was hotfixed around the time you noticed it.

    Monday, April 8, 2013 5:07 PM