August 2019
Intermediate to advanced
786 pages
20h 22m
English
Content preview from Mastering Active Directory - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
What is a claim?
A few times in the preceding example, we have discussed claims. But what is exactly a claim, and how is it generated?
A claim is simply a statement about a user that is used for authorization purposes of claim-aware applications. Each claim contains a value about a user such as their UPN, email address, and Common Name (CN).
AD FS supports many different claim types. Claim types are used to show what sort of value will be included in the claim. The following table contains the most commonly used claim types:
|
Claim type |
Description |
|
UPN |
UPN of the user |
|
|
RFC 5322-type email address |
|
Given name |
Given name of the user |
|
CN |
CN value of the user account |
|
Name |
Name of the user |
|
Surname |