To ensure seamless logins for users leveraging their Microsoft User Principal Name (UPN) in Maptician, it is necessary to adjust the Single Sign-On settings within Microsoft Entra ID (Azure). This adjustment ensures that the Maptician application validates users against their UPN rather than their Azure email, which might not be available for all users.

Maptician SSO & Provisioning Mappings for Logins

If users will be using their Microsoft UPN to log into applications and systems, you will need to make a change to the SSO settings in Microsoft Entra ID (Azure) so that at SSO login, the Maptician application will check against the user's UPN and not their Azure email (if one is present, as not all users have one).

Email Address Attribute Mapping

If users will be using their email (Azure email address) to log into their applications and systems instead of UPN, a change needs to be made to one of the Microsoft Entra ID (Azure) attribute mappings prior to provisioning users into Maptician. Doing this will ensure that the newly provisioned Maptician user accounts are created with the user's Azure email address and not their UPN.

Azure Email and UPN Address Mapping

If a Maptician customer uses email (Azure email) to log into their applications and system but has some user accounts that do not have an Azure email, use this Attribute Mapping configuration. Doing this will ensure that during provisioning, the user account is created in Maptician with either their Azure email address or their User Principal Name (UPN) address.

Edit the attribute as shown below

Copy this expression and paste it into the Expression field: IIF(IsPresent([mail]),[mail],[userPrincipalName])

Completed changes are shown below

With the below configuration, when users are provisioning into Maptician, if they have an Azure email address, their Maptician account will be created with that email address.  If they do not have an email address, their Maptician account will be created with their UPN address.