Creating an Attribute Set
This guide provides step-by-step instructions for creating a Custom Security Attribute set in EmpowerID. Attribute sets provide logical containers for grouping related Custom Security Attributes.
Prerequisites
Before creating an attribute set, ensure:
- EmpowerID is configured for Custom Security Attributes
- The Microsoft Entra account store connection is active
Procedure
-
Navigate to Resource Admin in the main application menu.
-
Select Applications from the navigation panel.
-
Click Custom Security Attributes in the left sidebar.
-
Click Add Attribute Set in the top-right corner.
The Add Attribute Set dialog opens.
-
Complete the required fields:
- Attribute Set Name (Required): Enter a unique identifier for your attribute set (1-32 characters, alphanumeric and underscores only). Use clear, descriptive names that indicate the attribute purpose and follow organizational naming standards. Examples:
HR_EmployeeData,IT_SystemAccess,Security_Compliance. - Description (Optional): Enter a detailed explanation of the attribute set's purpose and usage (up to 1024 characters). Include information about intended use, scope, and context. Example: "Contains human resources attributes for employee classification, department assignment, and employment status tracking. Used for HR system integration and access control."
- Resource System (Required): Select the target Microsoft Entra tenant where the Custom Security Attributes will be created. This determines where the attributes will be stored and managed.
- Maximum Number of Attributes (Required): Specify the maximum number of attributes that can be created within this set (minimum 1, maximum 500). Consider current and future attribute needs.
- Attribute Set Name (Required): Enter a unique identifier for your attribute set (1-32 characters, alphanumeric and underscores only). Use clear, descriptive names that indicate the attribute purpose and follow organizational naming standards. Examples:
-
Click Add Attribute Set to create the attribute set, or Cancel to discard the changes.
-
Verify the attribute set appears in the Custom Security Attributes listing.
Attribute sets created in EmpowerID are immediately synchronized to Microsoft Entra ID. Allow up to 5 minutes for the attribute set to appear in the Azure Portal due to replication timing.
Once created, certain properties cannot be modified:
- Attribute set name
- Resource system (tenant)
- Maximum number of attributes
Plan these settings carefully based on your organizational requirements.
After creating the attribute set, you can view its details by clicking the attribute set name in the Custom Security Attributes listing. The overview page displays comprehensive information including the friendly name, technical name, resource system, description, maximum number of attributes, and count of active and deactivated attributes.
Attribute set overview page showing details and available tabs
The overview page provides access to the Active Attributes tab (lists all currently active attributes), Deactivated Attributes tab (displays temporarily disabled attributes), and Assignments tab (shows all attribute assignments for users and service principals).
Next Steps
After creating an attribute set:
- Create attributes within the attribute set to define specific metadata fields
- Review the overview documentation for conceptual information about Custom Security Attributes