Cloudmore SSO - Setting up Claims :Azure AAD

This article has been created to supplement Step 3 of the Cloudmore SSO process

Claims are attributes that the Identity Provider (IdP) sends together with the SAML token used by Cloudmore to match the SAML token to an existing user in Cloudmore.

  • Sign in to the Azure portal (
  • On the left navigation pane, select the Azure Active Directory.
  • Navigate to Enterprise Applications. Find and open your application
  • Click on Single sign-on
  • Go to the Azure Portal, scroll down to section 2 (called User Attributes & Claims) and click on the pen.SSO Pic 6
  • Click the Add new claim button at the top.

SSO Pic 7

  • In the Name field, enter and select user.mail from the Source attribute dropdown. If your users are not using Microsoft O365 Exchange, you can map it to the user.user principal name instead by selecting it from the Source Attribute dropdown. This will map it to the user's username.  SSO Pic 8
  • Click the Save button at the bottom.
  • Click the X in the top right corner to close the User Attributes & Claims. Click No; I’ll test later again.