Unable to use SAML for user login 'No user is found with name'

Article ID: 100051747

Description

Error Message

 

Cause

The Azure SAML Response tells eDiscovery Platform who the authenticated user is in the "Subject" section of the SAMLResponse XML data.
The value of the subject is generally in text format.
However, some Azure SAML Responses send the asserted user identity in a non-text format, for example the "transient" or "persistent" NameID format.
eDiscovery Platform cannot use such a value to map the authenticated user to an eDiscovery Platform user.

In such a case, the Azure SAML Response can be configured to return additional information about the authenticated user using "attribute statements".
In that scenario, set the following property to the exact "AttributeName" string that carries the user name:
esa.saml.idp.samlResponse.useridAssertion.AttributeName
 

Resolution

1. Have the Azure SAML team verify that 'Additional claims' contains the claim name 'name' with the value: user.userprincipalname.


2. Using the Property Browser, add the following property:
Property: esa.saml.idp.samlResponse.useridAssertion.AttributeName
Value: name

Note: This value may need to be the 'name URL' associated with the 'name' claim (supplied by the Azure SAML team).
Ex: http://schemas.microsoft.com/ws/2005/05/identity/claims/name

NOTE: If the user name supplied by the SAML Response does not match the user's eDP login name, the login to the eDP application will continue to fail. This is a known issue that is resolved in eDP version 10.1.1.
 

3. Restart the eDP services
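
To confirm which string belongs in the property, the following added example (not Veritas or Microsoft code) decodes a base64 SAMLResponse, reports whether the subject uses a transient or persistent NameID, and lists the attribute names whose value exactly matches the eDP login name. The sample response, the NameID value and `jdoe@example.com` are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIM = "http://schemas.microsoft.com/ws/2005/05/identity/claims/name"
OPAQUE = ("nameid-format:transient", "nameid-format:persistent")

# Constructed sample response (not from a real tenant); signature elements omitted.
SAMPLE_XML = f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}">
  <saml:Assertion>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">Xq3kP0aVd1example</saml:NameID>
    </saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="{CLAIM}">
        <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()

def inspect_saml_response(b64_response):
    """Diagnostic only: reads the subject and attributes, verifies no signature."""
    root = ET.fromstring(base64.b64decode(b64_response))
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    fmt = name_id.get("Format", "") if name_id is not None else ""
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        attrs[attr.get("Name")] = [v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)]
    return {
        "name_id": name_id.text if name_id is not None else None,
        "format": fmt,
        "opaque_subject": fmt.endswith(OPAQUE),  # subject unusable for user mapping
        "attributes": attrs,
    }

def candidate_attribute_names(report, login_name):
    """Attribute names whose value equals the eDP login name exactly."""
    return [n for n, vals in report["attributes"].items() if login_name in vals]

if __name__ == "__main__":
    report = inspect_saml_response(SAMPLE_B64)
    print("NameID format:", report["format"], "| opaque:", report["opaque_subject"])
    print("AttributeName candidates:", candidate_attribute_names(report, "jdoe@example.com"))
```

An empty candidate list means no attribute in the response matches the eDP login name, which is the mismatch case described in the NOTE above.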

 

Issue/Introduction

Logging into the Veritas eDiscovery application using SAML authentication fails with 'No user is found with name'.

Additional Information

JIRA: CFT-4120