ADSF - missing username

We are testing your product for ADSF sso integration, and everything works great except that we don’t get the username.
We get claims, including a claim that holds the username, but the out param of the username is empty.
out isInResponseTo,
out partnerName,
out authnContext,
out userName,
out attributes,
out relayState);

attributes - all data exists after login, including the username
userName - empty

Can you please advise what could be the problem?


The userName parameter returns the SAML subject Name ID from the SAML assertion. If this is null it means the IdP didn’t include a Name ID.

The ADFS admin needs to create a claims rule that maps some ActiveDirectory property (eg user principal name or email address) to the SAML Name ID.

This is described in the “Adding a Claims Rule” section of our ADFS Relying Party Integration Guide.