There are a lot of blogs about this but very little useful information.
So I thought about creating a client that shows this.
And then I thought about Authorization Server.
You can get this working if you want - just hook up AS to ADFS as a normal ASP.NET RP for authentication.
But that's not what this post is about - I wanted to use the sample code to access ADFS.
Under "samples/Flows/Clients/OAuth2 CodeFlow" you'll find the sample.
First you have to configure ADFS and you have to use PowerShell to do this - there's no wizard support.
You use the AdfsClient commands as per AD FS Cmdlets in Windows PowerShell.
Vittorio has blogged on this: Securing a Web API with Windows Server 2012 R2 ADFS and Katana.
Of interest is setting up the RP (worth repeating that it is neither WS-Fed nor SAML so don't tick any boxes) and the Add-AdfsClient command.
My RP then looks like:
So running Get-AdfsClient on my box:
RedirectUri : {https://xxx/CodeFlow/callback}
Name : AMCodeFlowClient
Description : AM Code Flow Client
ClientId : codeclient
BuiltIn : False
Enabled : True
ClientType : Public
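A registration that yields output like the listing above, as an added example that is not from the original post or the sample code. It assumes an elevated PowerShell session on the AD FS server; the values are copied from the listing, and "xxx" is the post's redacted host name.

```powershell
# Added example. Values mirror the Get-AdfsClient listing above;
# "xxx" is the redacted host from the post, replace it with your own.
$clientId    = 'codeclient'
$redirectUri = 'https://xxx/CodeFlow/callback'

# A public client has no secret, so the registered redirect URI is the
# main control over where authorization codes get delivered.
# Refuse to register anything that is not HTTPS.
if (([Uri]$redirectUri).Scheme -ne 'https') {
    throw "Redirect URI must use https: $redirectUri"
}

# Register only if the client is not already present, so the script
# can be re-run without error.
$existing = Get-AdfsClient | Where-Object { $_.ClientId -eq $clientId }
if (-not $existing) {
    Add-AdfsClient -Name 'AMCodeFlowClient' `
                   -ClientId $clientId `
                   -RedirectUri $redirectUri `
                   -Description 'AM Code Flow Client'
}

# Review every non-built-in client: one row per redirect URI, with a
# flag for URIs that are not HTTPS. Native apps may legitimately use a
# custom scheme, so Https = False is a prompt to check, not an error.
Get-AdfsClient | Where-Object { -not $_.BuiltIn } | ForEach-Object {
    $client = $_
    foreach ($uri in $client.RedirectUri) {
        [pscustomobject]@{
            ClientId    = $client.ClientId
            Enabled     = $client.Enabled
            RedirectUri = $uri
            Https       = ($uri -like 'https://*')
        }
    }
} | Format-Table -AutoSize
```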
ToDo: Code changes to the sample.
Enjoy!