Thursday, July 21, 2016

ADFS : Authentication with .NET Core

This is for Active Directory Federation Services (ADFS / "AD FS") on Server 2016 Technical Preview 5.

The client is built on .NET Core along the lines of AAD : Authentication with .NET Core.

So I built the .NET Core sample as per the post above and then changed the code as per this gist.

I configured ADFS by adding an application group and picking "Standalone Application" and "Server application or Website".


The Client ID needs to be cut and pasted into appsettings.json, as does the secret key that you generate as part of the process.

Note that you have to add "/signin-oidc" to the Redirect URL. I have no idea where this comes from. It must be added somewhere as part of the middleware.

Then I got this error:

Microsoft.IdentityServer.Web.Protocols.OAuth.Exceptions.OAuthClientCredentialAuthenticationException: MSIS9267: No Client credentials found in the request. Client '2c...b7' is configured as a confidential client.

Zero documentation on this and much frustration, but then in desperation I added the ClientSecret in the code and suddenly it worked!

I did not do this when I did the other examples, e.g. ADFS - Web App and Web API on Server 2016 TP4 ADFS 4.0, and they worked, so I am completely baffled!


1 comment:

MaRK said...

How to get additional and optional claims?