Hello,
I posted this question in the SailPoint community forum, but not sure if I should post it here instead (please let me know if this is not the right place). I have noticed that when searching for entitlements within the IdentityNow portal, which is pulling from Azure AD, the name of the entitlement is the Azure object ID rather than the name of the actual Azure group. If I want to create a role and add someone to an Azure AD group, I have to search it by the object ID rather than the name.
I know that within Azure, you can have dozens of groups with the same name, and Azure doesn’t care since it only cares about the object ID being unique. But is this behavior “normal”? As far as I can tell, all the API permissions were set correctly based on this document: https://documentation.sailpoint.com/connectors/microsoft/azure_ad/help/integrating_azure_active_dire…
I came across this community post: https://developer.sailpoint.com/discuss/t/azure-entitlement-group-is-showing-as-a-guid-rather-than-a….
One user recommends setting the displayName attribute to be the entitlementID, which worked for them. But I am not sure if this is the right thing to do and if it could cause issues when having multiple Azure groups with the same name.
I am also seeing the same behavior for Office 365 licenses. Instead of displaying the name of the license, it is displaying the license GUID.
Thank you,
Ricardo T
