I don’t know if in others have seen the below before but to me it was a well-preserved secret, considering how much I have searched for everything possible regarding ADFS, claim issuance rules, MFA and the like.
I had a support case with Microsoft yesterday where he suddenly introduced this page as I had never heard of or seen before
And on it you can find:
And when you run it through then you can get all the delicious claim issuance rules to its Office 365 relying Party as I have seen in several screenshots on the Web:
You can of course also get them in modern installations where ADConnect and ADFS “Are Merged Together“
But I think the above was pretty nice
Btw. Deruover then I would just like to say that on this page at MS: Https://docs.microsoft.com/en-us/azure/active-directory/device-management-hybrid-azuread-joined-devices-setup
is mentioned on multiple verified domains Then it means on multiple verified FEDERATED domains.
MS says that they will correct it.