tag:blogger.com,1999:blog-11195359.comments2023-08-18T17:53:12.377+12:00Random thoughts and collisionsnzpcmadhttp://www.blogger.com/profile/06352759009406963230noreply@blogger.comBlogger417125tag:blogger.com,1999:blog-11195359.post-45195113514393981022023-08-17T21:59:41.801+12:002023-08-17T21:59:41.801+12:00Worked!!! Thank you!Worked!!! Thank you!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-90712332304791946562023-08-17T21:58:15.569+12:002023-08-17T21:58:15.569+12:00Worked! Thank you for the help! Worked! Thank you for the help! Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-48342998359828852012023-03-03T10:35:24.172+13:002023-03-03T10:35:24.172+13:00Ditto !!!!Ditto !!!!KeithwNZhttps://www.blogger.com/profile/14094243075642151160noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-53636604027870018132022-12-06T03:51:49.056+13:002022-12-06T03:51:49.056+13:00Saved me too - thank you!Saved me too - thank you!Emily Mnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-6783341868671762832022-11-18T13:36:52.047+13:002022-11-18T13:36:52.047+13:00Reboot new fixed issue but restarting the Windows ...Reboot new fixed issue but restarting the Windows Internal Database service first did! Thank you! have spent 4 hours working on this issue. Have been able to recreate the issue on Server 2019 ADFS servers.Bob Youngnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-13910541197225325502022-11-02T18:00:26.281+13:002022-11-02T18:00:26.281+13:00NiceNiceSafia Jilanihttps://www.blogger.com/profile/17165257606577817427noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-86563948551906356342022-10-20T04:01:06.635+13:002022-10-20T04:01:06.635+13:00Thank you for this!
You earned my respect.Thank you for this!<br />You earned my respect.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-35607290081676804972022-09-22T02:47:47.329+12:002022-09-22T02:47:47.329+12:00I pretty much doubt that this would work, especial...I pretty much doubt that this would work, especially since I rebooted the server before. But I tried it and you know what, it worked. Thank you.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-62049896021035923822022-09-20T08:07:02.515+12:002022-09-20T08:07:02.515+12:00You are a hero!!! Thank you soo much.You are a hero!!! Thank you soo much.arjun rajanhttps://www.blogger.com/profile/08184236168169440096noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-10874706775599196772022-09-10T07:51:38.113+12:002022-09-10T07:51:38.113+12:00Wow, thank you, this also saved me a ton of time!Wow, thank you, this also saved me a ton of time!Pete Cnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-45583111214967928252022-07-20T20:13:06.156+12:002022-07-20T20:13:06.156+12:00he prefix for audience is done by adfs to access t...he prefix for audience is done by adfs to access tokens with a guid client id. To avoid it, use the uri of the resource as the client id for the web api in the adfs app group. Also: swagger expects an id token, but adds will not issue such a thing without posts So you have to use native client for swagger in adfs. Also, you have to modify the response type requested by swagger to be code+token. Either manually correct the adfs call or hack some javascript into swagger to intercept and modify the query parameters. Finally, adfs needs to be setup to add claims through the claims rules. Yeah, adfs and swagger is somewhat of a headachebut<br /><br /><br /><b>Did you try any solution</b>Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-30358091922423196052022-07-02T05:34:12.048+12:002022-07-02T05:34:12.048+12:00Hi, thankyou, I try to follow all your instruction...Hi, thankyou, I try to follow all your instruction but I receive:<br /><br />401 - Unauthorized: Access is denied due to invalid credentials.<br /><br />what can I have to verify?<br />best regardsLorenzonoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-37181843680614452212022-05-14T06:33:11.337+12:002022-05-14T06:33:11.337+12:00I work at Microsoft. My customer had this same er...I work at Microsoft. My customer had this same error. This is how we fixed it. We used Claims x-ray. We had them do a login with an identity from Active Directory and then do a login with an identity that uses an external claims provider trust. <br /><br />When we compared the Claims X-Ray output, the value for anchorclaimtype didn't look right on the claims provider trust test login. We made a change in the claims provider to issue http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress as the anchor claim type and it resolve the problem. <br /><br />v-michall@microsoft.comMichael Hallhttps://www.blogger.com/profile/01000030590883397848noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-56633853964171405932022-04-09T06:07:07.739+12:002022-04-09T06:07:07.739+12:00(Get-AdfsAccessControlPolicy -Name $ADFSControlPol...(Get-AdfsAccessControlPolicy -Name $ADFSControlPolicy).PolicyMetadata.serialized<br />You can just add to the top Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-82415266134071531642022-03-26T05:49:34.431+13:002022-03-26T05:49:34.431+13:00I spent a couple days trying different solutions, ...I spent a couple days trying different solutions, nothing worked. Found this and had it working in about 5 minutes. Thank you so much!Geoff Dhttps://www.blogger.com/profile/05086728318511199578noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-14364130673502471612022-03-26T05:37:55.438+13:002022-03-26T05:37:55.438+13:00Found this after a couple days of trying. I had my...Found this after a couple days of trying. I had my code working in about 3 minutes. Thank you!Geoff Dhttps://www.blogger.com/profile/05086728318511199578noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-52475844765487147072022-02-23T03:34:51.112+13:002022-02-23T03:34:51.112+13:00thank you. that worksthank you. that worksAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-30903952567317416822022-02-04T22:18:04.124+13:002022-02-04T22:18:04.124+13:00Thanks! This was a great help!Thanks! This was a great help!Weikkonoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-53096834128358467102022-01-18T02:34:25.167+13:002022-01-18T02:34:25.167+13:00This helped! thanksThis helped! thanksAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-16988838844462799202021-11-10T12:37:38.281+13:002021-11-10T12:37:38.281+13:00It's cute, but 10 months later I have no clue ...It's cute, but 10 months later I have no clue what I was doing here..<br />Apparently I helped someone, so that good!Tim van Dijenhttps://www.blogger.com/profile/12117046674378639218noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-68421632300324120382021-10-28T17:53:14.976+13:002021-10-28T17:53:14.976+13:00Its workedIts workedVaisakhhttps://www.blogger.com/profile/13224677501200773352noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-90727057982418836242021-10-28T17:52:49.441+13:002021-10-28T17:52:49.441+13:00Its workedIts workedVaisakhhttps://www.blogger.com/profile/13224677501200773352noreply@blogger.comtag:blogger.com,1999:blog-11195359.post-60463243038175455222021-09-16T00:48:07.887+12:002021-09-16T00:48:07.887+12:00replace all the back-slashes "\" make to...replace all the back-slashes "\" make totally sense, since the key was escaped, thanks!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-91280361231912445162021-08-04T04:55:33.605+12:002021-08-04T04:55:33.605+12:00It must be broken in VS 2019, all I get are runtim...It must be broken in VS 2019, all I get are runtime dependent assemblies to `Microsoft.IdentityModel..` where those assemblies as of WIF 4.5, should be in System. Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-11195359.post-11388768861864863052021-07-30T10:08:12.527+12:002021-07-30T10:08:12.527+12:00That syntax looks correct.
What error do you get?...That syntax looks correct.<br /><br />What error do you get? That it is returned in base64? That's expected.<br />nzpcmadhttps://www.blogger.com/profile/06352759009406963230noreply@blogger.com