0

I am new to ADFS, claims-based auth and SAML2. I am working on an application that needs to get information from ADFS on a particular user. This isn't SSO. I will have a username passed to my application; I then need to query ADFS, telling it what attributes I need back on the user. I will not have any information other than the username. I will have access to configure ADFS and build trust etc. for my app.

I am unsure of how to go about this implementation. Is there a library I can use? Is SAML2 the best option? Is this even possible?

Any and all help would be greatly appreciated.

Thanks all

GaryT

1 Answer

1

ADFS is built on top of AD and handles the federation side of things (i.e. the SSO part).

When you connect an application to ADFS, the login page is part of ADFS. To log in, you have to have a user name and password. This has to be entered on the screen.

This can't be done with just a user name.

It sounds like you simply need to query AD via LDAP calls using the C# DirectoryServices or AccountManagement API.

rbrayb
  • Thanks for this. I am working with DirectoryServices at the moment. I need to be able to search users throughout an org. I have it searching at forest level at the moment, but worried about multi-forest scenarios with federated trust – GaryT Jul 31 '18 at 14:23
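
A sketch of the LDAP lookup the answer points to, using `System.DirectoryServices`; it is an added example, not code from either poster. The class and method names are hypothetical, and the search root is supplied by the caller (for instance a constructed placeholder such as `GC://DC=example,DC=com`). Because the username arrives from outside the application, it is escaped per RFC 4515 before being placed in the filter.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Text;

static class AdUserLookup // hypothetical helper, not part of any library
{
    // RFC 4515 escaping so a caller-supplied username cannot alter the filter.
    static string EscapeLdapFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Returns the requested attributes for one account, or null if not found.
    public static Dictionary<string, object[]> GetAttributes(
        string searchRoot, string userName, params string[] attributes)
    {
        using (var root = new DirectoryEntry(searchRoot))
        using (var searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                              + EscapeLdapFilterValue(userName) + "))";
            searcher.SearchScope = SearchScope.Subtree;
            searcher.PropertiesToLoad.AddRange(attributes); // fetch only what is needed

            SearchResult hit = searcher.FindOne();
            if (hit == null) return null;

            var found = new Dictionary<string, object[]>(StringComparer.OrdinalIgnoreCase);
            foreach (string name in attributes)
            {
                var values = hit.Properties[name]; // empty if the attribute is absent
                var copy = new object[values.Count];
                values.CopyTo(copy, 0);
                found[name] = copy;
            }
            return found;
        }
    }
}
```

A `GC://` root searches the whole forest but returns only attributes replicated to the global catalog; for others, bind to the user's domain with an `LDAP://` root. Each forest has its own global catalog, so a multi-forest search means one call per forest root.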