Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
127
Views
0
Helpful
1
Replies

What SAML attribute does Firepower use as "username" in RADIUS AuthZ?

DannyDulin
Level 1
Level 1

‎05-07-2024 12:33 PM

RAVPN connection profiles using Azure MFA for Authentication.

We are using ISE for Authorization.

When the FTD receives the SAML response from Azure MFA that includes multiple attributes in the claim, which attribute does FTD send to ISE as "username" in the RADIUS authorization request?

Any help would be greately appreciated.

0 Helpful
1 Reply 1

Greg Gibbs
Cisco Employee
Cisco Employee

‎05-07-2024 05:03 PM

When redirected to the MS login portal, you login using the UserPrincipalName of the user account in Entra ID. This is the attribute that the FTD sends to ISE for identity and the UPN is the only attribute ISE can use to perform REST ID authorization lookups against Entra ID for user groups/attributes.

0 Helpful
Customers Also Viewed These Support Documents