Preconfigured description list
Preconfigured claims in AD FS
When using Microsoft AD FS one can use among a list of preconfigured claimtypes.
These covers a lot of the commonly used claimtypes, but you can anytime create new claimtypes (claim description) to use in dropdowns, if needed: Add a Claim Description
These covers a lot of the commonly used claimtypes, but you can anytime create new claimtypes (claim description) to use in dropdowns, if needed: Add a Claim Description
| Claimtype (URI/URN) | Description |
|---|---|
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | E-mail address |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname | Given name |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | Name |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn | UPN |
| http://schemas.xmlsoap.org/claims/CommonName | Common name |
| http://schemas.xmlsoap.org/claims/EmailAddress | AD FS 1.x E-mail address |
| http://schemas.xmlsoap.org/claims/Group | Group |
| http://schemas.xmlsoap.org/claims/UPN | AD FS 1.x UPN |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/role | Role |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname | Surname |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier | PPID |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier | Name ID |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant | Authentication time stamp |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod | Authentication method |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid | Deny only group SID |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid | Deny only primary SID |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid | Deny only primary group SID |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid | Group SID |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid | Primary group SID |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid | Primary SID |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname | Windows account name |
| http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser | Is Registered User |
| http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier | Device Identifier |
| http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid | Device Registration Identifier |
| http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname | Device Registration DisplayName |
| http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype | Device OS type |
| http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion | Device OS Version |
| http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged | Is Managed Device |
| http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip | Forwarded Client IP |
| http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application | Client Application |
| http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent | Client User Agent |
| http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip | Client IP |
| http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path | Endpoint Path |
| http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy | Proxy |
| http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid | Application Identifier |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy | Application policies |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/authorityDescriptionidentifier | Authority Description Identifier |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints | Basic Constraint |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku | Enhanced Description Usage |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer | Issuer |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername | Issuer name |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/Descriptionusage | Description usage |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter | Not After |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore | Not Before |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy | Certificate Policies |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa | Public Description |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata | Certificate Raw Data |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/san | Subject Alternative Name |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber | Serial Number |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm | Signature Algorithm |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/subject | Subject |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectDescriptionidentifier | Subject Description Identifier |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname | Subject Name |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation | V2 Template Name |
| http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename | V1 Template Name |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint | Thumbprint |
| http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version | X.509 Version |
| http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork | Inside Corporate Network |
| http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime | Password Expiration Time |
| http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays | Password Expiration Days |
| http://schemas.microsoft.com/ws/2012/01/passwordchangeurl | Update Password URL |
| http://schemas.microsoft.com/claims/authnmethodsreferences | Authentication Methods References |
| http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id | Client Request ID |
| http://schemas.microsoft.com/ws/2013/11/alternateloginid | Alternate Login ID |
| http://schemas.microsoft.com/ws/2014/01/identity/claims/accountstore | Account Store |
| http://schemas.microsoft.com/ws/2014/01/identity/claims/anchorclaimtype | Anchor Claim Type |
| http://schemas.microsoft.com/2014/01/clientcontext/claims/appid | OAuth Client Id |
| http://schemas.microsoft.com/2014/01/clientcontext/claims/apptype | OAuth Client Type |
| http://schemas.microsoft.com/2014/09/devicecontext/claims/iscompliant | Device compliance status |
| http://schemas.microsoft.com/2014/02/deviceusagetime | Device Usage Time |
| http://schemas.microsoft.com/2014/02/devicecontext/claims/isknown | Is Known Device |
| http://schemas.microsoft.com/2014/03/psso | Persistent Single Sign On |
| http://schemas.microsoft.com/2015/09/prt | Primary Refresh Token |
| http://schemas.microsoft.com/identity/claims/scope | Scope of access |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsdevicegroup | Windows device group |
| http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlywindowsdevicegroup | Windows deny-only device group |
| http://schemas.microsoft.com/2014/09/devicecontext/claims/trusttype | Device Trust Type |
| http://schemas.microsoft.com/2014/09/requestcontext/claims/userip | User IP |
| http://schemas.microsoft.com/claims/authnmethodsproviders | Authentication Methods Provider |
| http://schemas.microsoft.com/2015/12/devicecontext/claims/tokenbindingid | Token Binding Id |