Skip to main content

Attributes

Identity Attribute

There are 2 json files which distributes the identity in IDHub. One is Account.json for Accounts and Entitlement.json for Entitlements (This includes all entitlement types e.g. Groups, Roles, License etc)
Attribute NameAttribute TypeAttribute Description
idstringUnique Identifier of Identity
namestringName of Identity
endpointstringEndpoint name of Identity
descriptionstringDescription of Identity
schemastringSchema path of Identity

Account Attribute

Below are the default attributes that Account.json can accommodate to fetch account related information from your Entra ID instance.
Attribute NameAttribute TypeAttribute DescriptionRequired
accountEnabledbooleanTrue if the user is enabled; otherwise, false.Yes
citystringCity in which the user is located.
countrystringCountry/region in which the user is located.
departmentstringName for the department the user belongs to.
displayNamestringName displayed in the address book for the user.Yes
employeeIdstringNumerically identifies an employee within an organization.
givenNamestringFirst name of an user.
jobTitlestringUser’s job title.
mailstringThe SMTP address for the user. For example, john@abcd.onmicrosoft.com
mailNicknamestringMail alias for the user.Yes
managerDisplayNamestringManager of the user. (Type: String). The Microsoft Entra ID connector provides support for provisioning the manager attribute.
managerLoginstringManager’s mail nickname of the user.
mobilePhonestringPrimary cellular telephone number for the user.
metacomplexA complex attribute containing resource metadata with subattributes

resourceType - The name of the resource type of the resource.

created - The DateTime that the resource was added to the service provider

lastModified - The most recent DateTime that the details of this resource were updated at the service provider. If this resource has never been modified since its initial creation, the value MUST be the same as the value of created

location - The URI where the resource is available

version - The version of the resource being returned.
idstringUnique identifier for the user. This is an Account ID which must not be changed.Yes
schemasstringUnique value of the user
officeLocationstringOffice location in the user's place of business.
postalCodestringZIP OR postal code for the user's postal address.
statestringState or province in the user's address.
streetAddressstringStreet address of the user's place of business.
surnamestringLast name of the user.
telephoneNumberstringPrimary telephone number of the user's place of business.
usageLocationstringA two letter country code indicating usage location.
userPrincipalNamestringUser principal name (UPN) of the user.Yes

Other Attributes

Other Attributes can be included by support team are discussed here
Attribute NameAttribute TypeAttribute Description
membershipcomplexList of the licenses that are assigned to the user.
dirSyncEnabledbooleanIndicates whether this user was synced from the on-premises directory.
facsimileTelephoneNumberstringTelephone number of the user's business fax machine.
immutableIdstringProperty used to associate an on-premises Active Directory user account to their Microsoft Entra ID user account.
lastDirSyncTimedateTimeIndicates the last time at which the user was synchronized with the on-premises directory.
lastNonInteractiveSignInDateTimedateTimeIndicates the last time a client signed in to the directory on behalf of a user. The timestamp represents date and time information always in UTC. For example, midnight UTC on Jan 1, 2022 is: 2022-01-01T00:00:00Z.
lastSignInDateTimedateTimeIndicates the last time a user signed in to the directory with an interactive authentication method. The timestamp represents date and time information always in UTC. For example, midnight UTC on Jan 1, 2022 is: 2022-01-01T00:00:00Z.
signInNamesstringSpecifies the collection of sign-in names for a local account in an Azure Active Directory B2C tenant.
userIdentitiesstringSpecifies the collection of userIdentities for a social user account in an Azure Active Directory B2C tenant.
creationTypestringIndicates whether the user account is a local account for an Azure Active Directory B2C tenant.
onPremisesSecurityIdentifierstringContains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud.
otherMailscomplexA list of additional email addresses for the user.
prefferedLanguagestringPreferred written or spoken language for a person.
userTypestringType of the user.
riskLevelstringLevel of the detected risky user.
riskStatestringState of the user's risk.
riskDetailstringDetails of the detected risk.
riskLastUpdateDateTimedateTimeThe date and time that the risky user was last updated.

Entitlement Attribute

Below are the default entitlement attributes that Entitlement.json can accommodate to fetch entitlements like Group, Roles etc from your Entra ID instance.
Attribute NameAttribute TypeAttribute DescriptionRequired
idbooleanLICENSE~License Id or GROUP~Group Id or TEAM~Team Id or ROLE~Role IdYes
externalIdstringA String that is an identifier for the resource as defined by the provisioning client.
displayNamestringDisplay Name of Entitlement. Maximum length: 256 charactersYes
typestringLICENSE or GROUP or TEAM or ROLEYes
metastringA complex attribute containing resource metadata with subattributes

resourceType : The name of the resource type of the resource

created : The datetime that the resource was added to the service provider

lastModified : The most recent datetime that the details of this resource were updated at the service provider. If this resource has never been modified since its initial creation, the value MUST be the same as the value of created

location : The URI where the resource is available

version : The version of the resource being returned.
schemasstringThe schemasattribute is an array of Strings containing URIs that are used to indicate the namespaces of the SCIM schemas that define the attributes present in the current JSON structure. This attribute may be used by parsers to define the attributes present in the JSON structure that is the body to an HTTP request or response. Each String value is an unique URI.Yes