What is a possible reason you would need to edit claims issued in a SAML token?
A.
The NameIdentifier claim cannot be the same as the username stored in AD.
B.
Authentication fails consistently.
C.
The NameIdentifier claim cannot be the same as the claim URI.
D.
The NameIdentifier claim must be the same as the username stored in AD.
Explanation:
The two reasons you would need to edit claims issued in a SAML token are:
The NameIdentifier claim cannot be the same as the username stored in AD, and The app
requires a different set of claim URIs.
https://azure.microsoft.com/en-us/documentation/articles/active-directory-saml-claimscustomization/