MIMUSH-MSFTE

Reputation: 137

Azure AD B2C - Using ADFS as an Identity Provider

The client we are attempting to integrate with has ADFS as their IDP. The customer is trying to use Azure AD B2C as their IDP.

The error is that Azure AD B2C tries to connect to their SAML endpoint directly which is not open to the public, so it fails.

Is there a way to upload their Federation.xml file into Azure AD B2C so that it doesn't try to connect to the URL?

Upvotes: 2

Views: 597

Answers (1)

Saca

Reputation: 10646

You can embed a SAML IDP's metadata in the custom policy directly by setting the value of the PartnerEntity item within the ClaimProvider's Metadata to have a <![CDATA element.

<ClaimsProvider>
  <Domain>mysamlidp</Domain>
  <DisplayName>My SAML IdP</DisplayName>
  <TechnicalProfiles>
    <TechnicalProfile Id="MySamlIdP">
      <DisplayName>My SAML IdP</DisplayName>
      <Description></Description>
      <Protocol Name="SAML2" />
      <Metadata>
        <Item Key="RequestsSigned">false</Item>
        <Item Key="WantsEncryptedAssertions">false</Item>
        <Item Key="PartnerEntity"><![CDATA[
<!-- REPLACE THIS WITH YOUR METADATA XML -->
<EntityDescriptor Id="..."><!-- ... --></EntityDescriptor>
<!-- REPLACE THIS WITH YOUR METADATA XML -->
        ]]></Item>
      </Metadata>
      <CryptographicKeys>
        <!-- ... etc ... -->
      </CryptographicKeys>
    </TechnicalProfile>
  </TechnicalProfiles>
</ClaimsProvider>

Upvotes: 5
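As an added example (not code from the answer above or from Microsoft), the following stdlib-only Python script sanity-checks a Federation.xml file for the pieces B2C needs from an IdP (an EntityDescriptor with an IDPSSODescriptor, a signing certificate and a SingleSignOnService location) and then wraps it in the PartnerEntity item exactly as the answer describes. The sample metadata, the adfs.example.test hostname and the certificate value are constructed placeholders.

```python
"""Embed a SAML IdP's federation metadata in an Azure AD B2C custom-policy
PartnerEntity item after sanity-checking it (added example, stdlib only)."""
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
DS_NS = "http://www.w3.org/2000/09/xmldsig#"
# Constructed sample Federation.xml; the hostname and certificate are placeholders.
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{MD_NS}" xmlns:ds="{DS_NS}"
    entityID="https://adfs.example.test/adfs/services/trust">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>MIIC...placeholder...</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></KeyDescriptor>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://adfs.example.test/adfs/ls/"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""

def check_idp_metadata(xml_text: str) -> dict:
    """Return entityID, SSO URL and signing-cert count; raise ValueError when
    the metadata lacks what B2C needs to verify and route SAML responses."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD_NS}}}EntityDescriptor":
        raise ValueError("root element is not a SAML EntityDescriptor")
    idp = root.find(f"{{{MD_NS}}}IDPSSODescriptor")
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not IdP metadata")
    # Without a signing certificate B2C cannot verify assertions from the IdP.
    signing = [k for k in idp.findall(f"{{{MD_NS}}}KeyDescriptor")
               if k.get("use") in (None, "signing")
               and k.find(f".//{{{DS_NS}}}X509Certificate") is not None]
    if not signing:
        raise ValueError("no signing certificate in metadata")
    sso = idp.find(f"{{{MD_NS}}}SingleSignOnService")
    if sso is None or not sso.get("Location"):
        raise ValueError("no SingleSignOnService Location")
    if "]]>" in xml_text:  # would terminate the CDATA section early
        raise ValueError("metadata contains ']]>' and cannot be wrapped in CDATA")
    return {"entity_id": root.get("entityID"), "sso_url": sso.get("Location"),
            "signing_certs": len(signing)}

def partner_entity_item(xml_text: str) -> str:
    """Build the <Item Key="PartnerEntity"> element with the metadata embedded
    verbatim in a CDATA section; the checks above run first."""
    check_idp_metadata(xml_text)
    return f'<Item Key="PartnerEntity"><![CDATA[\n{xml_text}\n]]></Item>'

if __name__ == "__main__":
    print(partner_entity_item(SAMPLE_METADATA))
```

Because the embedded metadata is a static copy, B2C will not pick up a new ADFS token-signing certificate on its own; the item has to be regenerated and the policy re-uploaded whenever the IdP rolls that certificate.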
