
How to migrate/map Microsoft Accounts from PUID to OIDC/OAuth


I have a site running RPS to authenticate users using personal Microsoft Live ID accounts. I am identifying them using the PUID right now.

I am now reworking the authentication of this site to use OIDC/OAuth, meaning that I won't get the PUID of my users anymore, but just the nameidentifier claim.

How is it possible for me to migrate users from RPS (PUID) to OIDC (nameidentifier)? Like querying the PUID using the nameidentifier?

I can't find any relevant information on PUID anymore, or RPS for that matter.


Solution

  • While this doesn't answer the exact question, after some testing I've found a workaround as follows:

    The ID from the MSA OAuth endpoint is the same as the one from the Microsoft Graph API. This is actually the API used by many middlewares to get the User ID within Microsoft. It is called "id" in the /profiles/me endpoint. This "id" is also called CID.

    RPS can also retrieve an MSA CID, so it's basically working the other way around. It's not about mapping them by getting the PUID from OAuth, but getting the CID from RPS.
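
The workaround above comes down to recording each user's CID while RPS sign-in is still in place, then resolving OIDC sign-ins by CID. The following is an added example, not code from the original post: `AccountMap` and its methods are hypothetical names, the call that reads the CID from RPS is not shown, and treating the CID as a case-insensitive string is an assumption.

```python
class LinkError(Exception):
    """Raised when a binding would change or duplicate an existing link."""


def normalize_cid(cid: str) -> str:
    # Assumption: both sources give the CID as a string that may differ in case.
    value = cid.strip().lower()
    if not value:
        raise ValueError("empty CID")
    return value


class AccountMap:
    def __init__(self, puids):
        # Existing accounts are keyed by PUID; none has a CID recorded yet.
        self.cid_by_puid = {puid: None for puid in puids}
        self.puid_by_cid = {}

    def bind_from_rps(self, puid: str, cid: str) -> None:
        """Call only inside an authenticated RPS sign-in, where both IDs are known."""
        if puid not in self.cid_by_puid:
            raise LinkError("unknown PUID")
        cid = normalize_cid(cid)
        current = self.cid_by_puid[puid]
        if current is not None and current != cid:
            raise LinkError("PUID is already bound to a different CID")
        owner = self.puid_by_cid.get(cid)
        if owner is not None and owner != puid:
            raise LinkError("CID is already bound to a different PUID")
        self.cid_by_puid[puid] = cid
        self.puid_by_cid[cid] = puid

    def resolve_oidc(self, nameidentifier: str):
        """Return the legacy PUID for an OIDC sign-in, or None if not linked yet."""
        return self.puid_by_cid.get(normalize_cid(nameidentifier))

    def unlinked(self):
        """PUIDs that have not signed in through RPS since linking began."""
        return sorted(p for p, c in self.cid_by_puid.items() if c is None)
```

An OIDC sign-in that resolves to `None` belongs to a user who has not been linked yet; it should not be matched to an existing account by e-mail or display name as a fallback.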