Hello Thomas,
Are you using SAML authentication with Azure AD as Identity Provider ?
Will the user's actual email address be present in the mail attribute in Azure AD ?
If so, can you please try the following :
- Go to Azure AD
- Click on the Application that you have added and go to SAML Attributes page
- Use "mail" as value for "nameidentifier" (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier)
- Apply Changes and then try authentication one time
Please refer a sample screenshot.
Let us know how this goes.
Thanks & Regards,
Ram
ServiceDesk Plus OnDemand Support