Reputation: 9881
Disclaimer: Very new to AD here, so apologies if this is a simple question.
My company exposes a publicly accessible ADFS (https://adfs.xxxxx.com/adfs/ls/?username=...). Whenever we use services such as Azure and Office365 we are able to log in by entering our AD credentials.
I am not sure how to leverage this same ADFS for an application we are building and hosting in the cloud.
I see that IdentityServer3 has WsFederationAuthentication, which would work only if we are logged into our local domain.
Would the app need to be registered with the ADFS?
Upvotes: 1
Views: 1596
Reputation: 46700
What application are you talking about?
Is it a separate application or do you mean IdentityServer?
And are you trying to authenticate with Azure AD or ADFS?
Could you please describe the use case?
@Igaud's answer describes the case where you want IdentityServer to hook into Azure AD? The question was "Integrating IdentityServer3 with ADFS" but that's not what was in the body.
Refer: IdentityServer : ASP.NET MVC application to idsrv3 to ADFS.
Upvotes: 0
Reputation: 2469
It sounds like you already have your ADFS connecting to Azure AD (to enable Office365), in which case you should have Identity Server talk to Azure AD via OpenID Connect rather than trying to set up WS-Federation. To do that you'd need to have one of your Azure Administrators create an Azure AD App for you, and you set it up like in this example:
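    // Runs inside the IdentityServer3 identity-provider callback, which supplies
    // `app` (IAppBuilder) and `signInAsType` (string).
    // Requires: using Microsoft.Owin.Security.OpenIdConnect;
    var aad = new OpenIdConnectAuthenticationOptions
    {
        AuthenticationType = "aad",
        Caption = "Azure AD",
        SignInAsAuthenticationType = signInAsType,
        // Tenant-specific authority (the GUID is the Azure AD tenant ID).
        Authority = "https://login.windows.net/4ca9cb4c-5e5f-4be9-b700-c532992a3705",
        // Application (client) ID of the Azure AD App created by the administrator.
        ClientId = "65bbbda8-8b85-4c9d-81e9-1502330aacba",
        // Must match a reply URL registered on that Azure AD App.
        RedirectUri = "https://localhost:44333/core/aadcb",
    };
    app.UseOpenIdConnectAuthentication(aad);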
Upvotes: 2
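For comparison with the Azure AD registration in the answer above, this is the direct ADFS route the question asks about, written as an added example that is not part of the original thread or of the IdentityServer3 project's code. The class name `ExternalIdentityProviders` and the realm `urn:idsrv3:example` are assumptions; the ADFS host is the redacted one from the question.

```csharp
using Microsoft.Owin.Security.WsFederation;
using Owin;

// Hypothetical helper class (name is an assumption, not from the thread).
public static class ExternalIdentityProviders
{
    // Assign this method to
    //   IdentityServerOptions.AuthenticationOptions.IdentityProviders
    // IdentityServer3 invokes it with the app builder and the authentication
    // type it uses for external sign-ins.
    public static void Configure(IAppBuilder app, string signInAsType)
    {
        var adfs = new WsFederationAuthenticationOptions
        {
            AuthenticationType = "adfs",
            Caption = "ADFS",
            SignInAsAuthenticationType = signInAsType,

            // Standard ADFS federation metadata path. The middleware reads the
            // issuer and token-signing certificates from this document, so it
            // must be fetched over HTTPS from the real ADFS host.
            MetadataAddress =
                "https://adfs.xxxxx.com/FederationMetadata/2007-06/FederationMetadata.xml",

            // Assumed realm identifier. ADFS needs a relying party trust whose
            // identifier equals this value and whose WS-Federation passive
            // endpoint points back at the IdentityServer host. Only
            // IdentityServer is registered in ADFS; the applications behind it
            // are registered as clients of IdentityServer instead.
            Wtrealm = "urn:idsrv3:example"
        };

        app.UseWsFederationAuthentication(adfs);
    }
}
```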