← Changelog
Aug 7, 2025

New claim for user ID in SAML SSO

We now support the custom userId claim for situations where you can’t configure the NameID claim to contain a persistent identifier like a user ID.

When using SSO with SAML, it’s important to make sure that the NameID claims contains a persistent identifier such as a user ID or employee ID, and not an email address. This is because the email address may change with time and a NameID change would make it impossible to match the user in DMARCwise upon login.

If you’re unable to change the configuration of the NameID claim, you can now create a custom claim with type userId: if the NameID format is not declared as persistent and the userId is present, the userId will be used in place of the NameID.

Learn more in the SSO documentation.


Struggling with email deliverability?

Test your email setup for free, then start monitoring SPF, DKIM and DMARC.

✅ Ensure your emails land in the inbox
🚀 Troubleshoot with a powerful dashboard
🧪 Run interactive diagnostics
📊 Monitor with weekly email digests

Create a free account

or

Learn more about DMARCwise