Realty ws-trust IDP interworking with AAD token issuer, in saml bearer grant


image

 

Using fiddler proxy, we were able to craft delivery of custom metadata from our IDP whose endpoint addresses now meets the expectations of the Micosoft ADAL libraries saml-bearer grant flow.

 

The only code change we made to this service was  add a nameid format property to the subject field (of value unspecified). But, Im really not convinved that that has anything to do with sudden interoperability. Making our active and passive STS have configurable values for that property doesn’t seem particularly useful, though is vaguely more correct.

Advertisements

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in AAD. Bookmark the permalink.