RapidIdentity Product Guides - 2019 Rolling Release

Configuring the Claim Issuance Policy

The Claim Issuance Policy allows Active Directory Federation Services(ADFS) to release assertion attributes to RapidIdentity.

Currently, there are two options:

The best option is the idautoID and its advantage is uniqueness; however, this is only possible if the ADFS instance can communicate with an Active Directory Domain Controller which contains that attribute.

The second best option is to configure ADFS to release the user's email address, however RapidIdentity must have the same value provisioned in its backing directory and the email address must be unique.