0

I have regular windows based C/C++ services running on desktops that need to call a REST API in the extranet, The web service will be added as a relying trust party in ADFS (windows server 2016 /ADFS4.0) since the service doesn't interact with the user I was planning to use the "user cert" authentication approach. (I hope this is making sense)

MSDN is very thin on the browserless client front for most of the ADFS bits especially cert auth.

Ask is, is user cert authentication identical to TLS authentication? If the c/c++ service present the right user cert as client cert in the TLS handshake will it work?

amritanshu
  • 777
  • 13
  • 25

1 Answers1

0

What version of ADFS?

  • 2.0 - has no REST support
  • 3.0 - limited
  • 4.0 - full support
rbrayb
  • 46,440
  • 34
  • 114
  • 174
  • I have updated the query with that, but I think you have misread the question? – amritanshu Aug 23 '17 at 06:26
  • The reason I asked is that ADFS 4.0 has full support for OpenID Connect / OAuth and if there is no user interaction you could use client credentials or resource owner password flows. – rbrayb Aug 23 '17 at 07:44
  • ok but usercredentials will not work if the user is not part of enterprise network which is where we need user cert authentication. – amritanshu Aug 23 '17 at 09:28
  • Client credentials just relies on a secret key - no user info. – rbrayb Aug 23 '17 at 20:21