I want to read 'Attribute & Claims' from SAML enterprise application configuration using PowerShell.
I have found the Graph command Get-MgBetaServicePrincipalClaimMappingPolicy: https://learn.microsoft.com/en-us/graph/api/serviceprincipal-list-claimsmappingpolicies?view=graph-rest-beta&tabs=powershell but it always return empty value, even if I can see that attributes are configured in Azure Portal. Portal
I am using graph scope: Application.Read.All and Policy.Read.All
Any idea how I can read this configuration?
Regards
Currently, it's not possible to retrieve 'Attributes & Claims' from a SAML Entra application configuration via PowerShell or Graph API. The only way as of now is via Azure Portal.
I have one Enterprise application with 'Attributes & Claims' values as below:
When I tried running same PowerShell command as you to, it will give null as below:
Get-MgServicePrincipalClaimMappingPolicy -ServicePrincipalId <sp_id>
Response:
Even Graph API queries results null response as there are no claim mapping policies assigned to service principal:
GET https://graph.microsoft.com/v1.0/servicePrincipals/sp_Id/claimsMappingPolicies
Response:
To create claim mapping policies via PowerShell, you can refer this MS Document and assign them to service principal.
Reference: