Configuring Usernames
  • 01 May 2024
  • Dark
  • PDF

Configuring Usernames

  • Dark
  • PDF

Article summary

Configurable Usernames in Azure AD​

This feature capability was issued in the IAP 2022.1.10 maintenance release.

Administrators who use the Itential Azure AD AAA adapter can use the usernameKey property field to configure a specific claim in the AAA response for IAP to use as the "username". If the usernameKey field is not specified, the adapter will utilize the default claim of name to set new users.​

To configure the usernameKey field, navigate to Admin Essentials in IAP. Use the search bar in the left sidebar to locate "Azure" in the Adapters menu list. Under the Configuration tab on the Properties page, enter a specific claim in the usernameKey field.

Figure 1: Configure username


Why is this important?

The usernameKey provides Administrators with a configurable option to specify a custom or optional claim in the AAA response for IAP to authenticate a user. As long as the configured attribute is confirmed to be unique in the Azure/EntityID database, specifying the usernameKey as an attribute of a custom or optional claim also prevents multiple users from having the same Azure/EntityID display name in one IAP account.


The custom attribute that is chosen must contain a value. It cannot be blank or not found; otherwise, the user is unable to log into IAP.

Property Schema

Below is the usernameKey schema.

"usernameKey": {
    "type": "string",
    "description": "Key of the user token to be utilized as the username",
    "default": "name"

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.