People Picker fails to resolve users after OIDC 1.0 migration

Henry Harris 50 Reputation points
2026-03-09T10:47:01.5466667+00:00

My SharePoint Server Subscription Edition (SE) farm is experiencing a People Picker failure following the migration to OpenID Connect (OIDC) 1.0; while authentication via Entra ID is successful, the People Picker cannot resolve users or displays raw claim strings instead of friendly names. This indicates a disconnect between the OIDC identity issuer and the User Profile Service (UPS), as OIDC lacks the native directory search capabilities of NTLM.

I need to confirm if enabling the UPA-based People Picker via PowerShell is sufficient to bridge this gap, or if a custom claims provider is still required to map the sub claim to the workmail property for proper resolution during the "Search" phase.

Microsoft 365 and Office | SharePoint Server | Development

2 answers

  1. Jayden-P 17,875 Reputation points Microsoft External Staff Moderator
    2026-03-09T11:33:50.1066667+00:00

    Hi @Henry Harris

    Thank you for posting your question to the Microsoft Q&A forum.

    You are right, when modern ("trusted identity provider") authentication such as Security Assertion Markup Language (SAML) 1.1 or OpenID Connect (OIDC) 1.0 is used, the People Picker control can't search, resolve, and validate users and groups.

    In previous versions of SharePoint Server, the only solution was to use a Custom Claims Provider (this solution also applies to SharePoint SE).

    But since you are using SE, another solution is to configure UPA to synchronize users and groups from the trusted identity provider membership store. This will allow the People Picker to resolve valid users and groups without needing a Custom Claims Provider.

    You can follow the steps here: Enhanced People Picker for modern authentication - SharePoint Server | Microsoft Learn

    If UPA-backed doesn't resolve the issue, try Create a claims provider in SharePoint | Microsoft Learn.

    I hope this information helps.


    1 person found this answer helpful.
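
The UPA-backed approach from the answer above, sketched as an added example that is not part of the thread or of Microsoft's own scripts. It attaches a UPA-backed claim provider to the OIDC trusted issuer and then reads the setting back. The issuer name and display name are placeholders, it assumes profiles from the identity provider are already synchronized into the User Profile Service Application, and the type and assembly strings should be checked against the linked Microsoft Learn article before use.

```powershell
# Added example. Run in the SharePoint Management Shell on a farm server
# with farm administrator rights.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Placeholder: the name used when the OIDC trusted issuer was registered.
$issuerName = '<YourOidcTrustedIssuerName>'
$issuer = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName -ErrorAction Stop

# Built-in claim provider type that answers People Picker queries from the UPA.
$upaType  = 'Microsoft.SharePoint.Administration.Claims.SPTrustedBackedByUPAClaimProvider'
$assembly = 'Microsoft.SharePoint, Version=16.0.0.0, Culture=neutral, ' +
            'PublicKeyToken=71e9bce111e9429c'

# Reuse an existing UPA-backed provider if one is registered. On a farm with
# several trusted issuers, confirm the match belongs to this issuer.
$provider = Get-SPClaimProvider |
    Where-Object { $_.TypeName -eq $upaType } |
    Select-Object -First 1

if (-not $provider) {
    $provider = New-SPClaimProvider `
        -AssemblyName $assembly `
        -Type $upaType `
        -DisplayName 'OIDC UPA Claim Provider' `
        -Description 'UPA-backed People Picker for the OIDC issuer' `
        -TrustedTokenIssuer $issuer `
        -Default:$false
}

# Point the trusted issuer at the UPA-backed provider.
Set-SPTrustedIdentityTokenIssuer -Identity $issuer `
    -ClaimProvider $provider -IsOpenIDConnect

# Read the configuration back to confirm what People Picker will use.
$check = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName
[pscustomobject]@{
    Issuer            = $check.Name
    ClaimProviderName = $check.ClaimProviderName
    ProviderType      = $provider.TypeName
    ProviderEnabled   = $provider.IsEnabled
}
```

If the read-back shows the expected provider but People Picker still returns raw claim strings, check that the imported profiles carry the identifier claim value the issuer sends, as the linked article describes.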

  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

