tarun713

Reputation: 2187

ADFS as a SAML Service Provider

Is it possible to set up Active Directory Federation Services as a service provider with SAML 2.0?

Rather than writing my own code to consume an assertion from an IdP, I'd rather put some packaged software in front of my SaaS application that handles all the communication with the IdP. Once all the validation & authentication is complete, I'd like ADFS to pass my app the metadata about the user required to log them in. My users are stored in a separate SQL Server table - not in AD. Is this possible to use ADFS for?

Upvotes: 1

Views: 1640

Answers (1)

rbrayb

Reputation: 46720

Yes - ADFS can be a SAML 2.0 SP.

No - ADFS cannot authenticate against SQL Server - only AD (the next version will be able to). Have a look at IdentityServer, which can (but note it has no SAML SP support).

Either way, your application needs to use either WIF or OWIN to handle the client side.

What you get back is a set of claims / attributes. You only get these back after the user has authenticated.

Upvotes: 2
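An added example (not part of the answer above, and not code from ADFS or its documentation) of the application side the answer describes: OWIN middleware receives the claims ADFS issues, and the app maps one of them to a row in its own SQL Server user table. It assumes the app-to-ADFS leg uses Katana's WS-Federation middleware and that the ADFS claim rules pass through a UPN claim; the host names, the `AppDb` connection string, the `dbo.AppUsers` table and its columns, the `LocalUsers` helper and the `urn:example:local-user-id` claim type are all hypothetical.

```csharp
using System.Configuration;
using System.Data.SqlClient;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
        {
            // Placeholder hosts (assumptions). Signing keys and issuer come from the metadata.
            MetadataAddress = "https://adfs.example.com/FederationMetadata/2007-06/FederationMetadata.xml",
            Wtrealm = "https://app.example.com/",   // must match the relying party identifier in ADFS
            Notifications = new WsFederationAuthenticationNotifications
            {
                // Called only after the middleware has validated the token ADFS issued.
                SecurityTokenValidated = n =>
                {
                    var identity = n.AuthenticationTicket.Identity;
                    var upn = identity.FindFirst(ClaimTypes.Upn)?.Value;
                    var localId = upn == null ? null : LocalUsers.FindIdByUpn(upn);
                    // A valid federated login without a local account must not become a session.
                    if (localId == null) { n.Response.StatusCode = 403; n.HandleResponse(); }
                    else identity.AddClaim(new Claim("urn:example:local-user-id", localId));
                    return Task.FromResult(0);
                }
            }
        });
    }
}

static class LocalUsers   // hypothetical helper: the app's own user table, not AD
{
    public static string FindIdByUpn(string upn)
    {
        var cs = ConfigurationManager.ConnectionStrings["AppDb"].ConnectionString;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand("SELECT Id FROM dbo.AppUsers WHERE Upn = @upn AND IsActive = 1", conn))
        {
            cmd.Parameters.AddWithValue("@upn", upn);   // parameterized: the claim value is untrusted input
            conn.Open();
            return cmd.ExecuteScalar()?.ToString();      // null when no active local user matches
        }
    }
}
```

Authorization decisions in the app should key off the locally resolved id rather than the raw federated claim, so that disabling the row in the SQL table takes effect at the next sign-in regardless of what the IdP asserts.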
