If you are using Azure Active Directory as your identity provider, you need to complete some additional configuration steps to ensure that the group membership of your users is sent to Burp Suite Enterprise Edition.
In Azure portal, open the application that you are adding to represent Burp Suite Enterprise Edition. Under “Set up Single Sign-on with SAML”, go to the “User Attributes and Claims” section and add a group claim.
- If your Azure instance is backed by an on-premise installation of Active Directory, select
sAMAccountName
as the source attribute. Note that when you create your user groups in Burp Suite Enterprise Edition, they must have the exact same name as the correspondingsAMAAccountName
in your Active Directory. - If your users are managed in Azure Active Directory, select
Group ID
as the source attribute. In this case, you will need to use the correspondingGroup ID
as the name for your user groups in Burp Suite Enterprise Edition.
Reference:https://portswigger.net/burp/documentation/enterprise/administration-tasks/sso/saml/saml-azure-ad