azure-active-directory azure-ad-graph-api

unique_name claim - which user attribute?


The id_token contains a claim whose name is unique_name. Its value appears to be the same as that of the upn claim. Which User entity attribute provides the value for this claim?


Solution

  • Based on my observations, the upn claim does not show up for guest users. The unique_name, however, does show up for all users.

    It is not always something that can be displayed; for example, for a guest I added, it looks like this:

    live.com#[email protected]
    

    So in this case it is actually a personal MS account, as indicated by the live.com# prefix.

    In the case of a guest from another AAD, the value is their UPN with no prefix.

    That said, if you need a unique identifier for the user that does not change, you can use either the oid or sub claims. The former is the object id for the user, which can be used in calls to MS Graph API for example, while the latter is a unique identifier for the user in the context of your app. So the object id will be the same across all apps, and the subject will be unique within one app.
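
As an added example (not part of the original answer), the sketch below parses an id_token payload, keys the user on oid (falling back to sub), and treats upn/unique_name as display-only, splitting off a provider prefix such as live.com#. The sample tokens and values are constructed, the helper names are hypothetical, and signature, issuer and audience validation is assumed to have been done by the OIDC library beforehand.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def read_claims(id_token: str) -> dict:
    """Parse the payload of a compact JWT. Does NOT verify the signature:
    assumes the OIDC library already validated signature, issuer, audience."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS with three segments")
    return json.loads(b64url_decode(parts[1]))


def identify(claims: dict) -> dict:
    """Split the claims into a stable key and a display-only name."""
    stable = claims.get("oid") or claims.get("sub")
    if not stable:
        raise ValueError("token has neither oid nor sub")
    # upn may be absent (guests); unique_name is the fallback for display.
    shown = claims.get("upn") or claims.get("unique_name") or ""
    # A "provider#" prefix such as live.com# marks an external account.
    provider, sep, name = shown.partition("#")
    if not sep:
        provider, name = None, shown
    return {"key": stable, "key_claim": "oid" if claims.get("oid") else "sub",
            "display": name, "provider": provider}


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token for the demo (not a real one)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


# Constructed sample claims; all values are placeholders.
MEMBER = {"oid": "00000000-0000-0000-0000-000000000001", "sub": "app-sub-1",
          "upn": "alice@contoso.example", "unique_name": "alice@contoso.example"}
GUEST = {"oid": "00000000-0000-0000-0000-000000000002", "sub": "app-sub-2",
         "unique_name": "live.com#bob@example.com"}

if __name__ == "__main__":
    for sample in (MEMBER, GUEST):
        print(identify(read_claims(make_sample_token(sample))))
```

Store and authorize on `key`; keep `display` and `provider` for the UI and for logs only.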