Questions tagged [adfs4.0]

Active Directory Federation Services (AD FS) 4.0 service in Windows 2016 provides simplified, secured claims based identity federation and Web single sign-on (SSO) capabilities for end users who want to access applications within an AD FS-secured enterprise, in federation partner organizations, or in the cloud.

109 questions
2 votes, 1 answer

OpenId Connect accessing both graph api and on prem resource with single login

Trying to get an ASP.NET web application to access both a local resource and graph api using a single login. The environment consists of an on prem adfs as well as an Azure AD instance that is synced and federated against on prem ad. I have the…
fhogberg
2 votes, 1 answer

Relying party vs application groups in ADFS

I am trying to understand the authentication in .NET web applications using ADFS. I followed the example in Microsoft documentation and I was able to handle the authentication of my app via ADFS. The given example adds application in an application…
Chaitanya Gadkari
2 votes, 2 answers

ADFS 2016 X-Frame-Options to deny

I'm using adal.js on my react app (using react-adal wrapper). I configured my app to work with my ADFS 2016 server (on premise), and the authentication process works fine, but after the ADFS SSO cookie expired, when the client sends the renew token…
Maor Dadush
2 votes, 1 answer

How to determine disabled user with OAuth2/OpenID Connect offline access token?

We have AD FS 2016 fronting our corporate Active Directory domain for public OAuth2/OpenID Connect authentication. We are developing a simple application that is using our AD FS as an OAuth2/OpenID Connect identity provider. Users authenticate via…
MikeJansen
2 votes, 0 answers

Explanation of IdentityServer4 logout spec

We are using IdentityServer4. We have a Windows 2016 server running ADFS (Active Directory Federation Services) version 4.0. This version of ADFS has OpenID Connect endpoints to do active directory authentication. We set this up as an external…
gilm0079
2 votes, 1 answer

ADFS 4.0 automatic federated login with SAML 2.0

Currently working on integrating an ADFS solution for the first time for a client request. Our client wants to use the federated login feature provided by their document and email management service NetDocuments, which we need to mimic and support…
cfnq
1 vote, 1 answer

AD FS OpenID connect userinfo endpoint returns only sub

I'm currently having trouble getting user-info after successful sign-in with AD FS. I set up my AD FS server and Web App by following Microsoft documentation. token and access token after successful sign-in I've also created relying party trust and…
Ibrahim
1 vote, 0 answers

Unable to logout using spring security OidcClientInitiatedLogoutSuccessHandler from ADFS server

When I do log out, it should redirect to end_session_endpoint of ADFS which is "https://fed04.xxxxxxx.com/adfs/oauth2/logout" however it's redirecting back to the home page without prompting for login. spring security OAuth client configuration for…
SarangRN
1 vote, 0 answers

RedirectToIdentityProvider in Microsoft.AspNetCore.Authentication.WsFederation

We have an application that is integrated with ADFS and is in .NET Framework. We have multiple identity providers who we trust and give access to the application. We used to accommodate them by reading the whr value in the querystring and adding a…
1 vote, 2 answers

ADFS 2016 support for OIDC's `profile` scope?

I am trying to implement a web application using OIDC and the Authorization Code flow. I am using the OIDC Core 1.0 specification as a reference for how things should be working. I am trying to get this working against a Microsoft ADFS 2016 server,…
Tim Dean
1 vote, 1 answer

How to release Active Directory confidential attributes via ADFS claim

I have marked the "Employee-Number" AD attribute as "confidential" by setting its searchflags to 128 in ADSI Edit (https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/mark-attribute-as-confidential). I've verified that…
Systemspoet
1 vote, 2 answers

Spring security ADFS SSO integration - Response doesn't have any valid assertion which would pass subject validation

My Spring Boot application is sometimes showing the below error while performing SSO validation with ADFS. ADFS timeout is set for 1 hour and application timeout is set for 4 hrs. Response logs from fiddler trace are in encrypted format. Is there a way to…
1 vote, 1 answer

ADFS Certificate expiration notification job

I have over 20 applications utilizing ADFS SSO authentication. Last year the token signing certificate expired and I went through the whole sky is falling - chasing down 3rd party vendors to schedule the refreshing of the metadata files to try to…
techietalk
1 vote, 0 answers

How long does old client secret stay active with AD FS's ChangeClientSecret on Set-AdfsServerApplication?

In AD FS 2016, when a new client secret is created using the PowerShell command Set-AdfsServerApplication -ChangeClientSecret, how long does the old secret stay active? The documentation for the Set-AdfsServerApplication command doesn't say how long…
Toby Artisan
1 vote, 1 answer

ADFS Client credentials grant flow with multiple clients in an application group

SETUP: We have an application which needs to authenticate itself to an API with help of ADFS. For this it seems suitable to use Client Credentials Grant…
Jesper Lundin