Mayur Dighe

Reputation: 419

How to check which user logged into ADFS

I want to know which user is currently logged in to ADFS. I am using a Claims Provider for ADFS, and through that I am logging in to ADFS. Now I want to see in ADFS that this particular user is currently logged in. Basically, I want to see the user details of the logged-in user in ADFS.

Upvotes: 0

Views: 1189

Answers (2)

puhijani

Reputation: 1

It is possible to create a DB log.

Example:

  1. Create a custom db connection in Attributes Stores.
  2. Create the sp_ADFSLoginHistory stored procedure in custom db (insert to table).
  3. Add the claim rule to all CPT and LCPT.

         @RuleName = "ADFS Login History"
         username:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"]
          && authInstant:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant"]
          => issue(store = "sqldb",
                   types = ("http://schemas.microsoft.com/ws/2008/06/identity/claims/customLogSuccess"),
                   query = "EXEC [dbo].[sp_ADFSLoginHistory] {0}, {1}, {2}",
                   param = "#LCPTorCPTName#",
                   param = username.Value,
                   param = authInstant.Value);

The possible valid user session ==> authInstant.Value + tokenLifeTime > now()

Upvotes: 0
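
The answer above names the sp_ADFSLoginHistory procedure but does not show it. The following T-SQL is an added example, not the answerer's code: it sketches the table, the procedure called by the claim rule, and a query for the "authInstant.Value + tokenLifeTime > now()" check. The table name, column names, the value returned to the rule, and the 60-minute lifetime are assumptions.

```sql
-- Added example. Table name, column names, the returned value and the
-- 60-minute lifetime are assumptions, not taken from the answer.
CREATE TABLE dbo.ADFSLoginHistory (
    Id          BIGINT IDENTITY(1,1) PRIMARY KEY,
    TrustName   NVARCHAR(256)  NOT NULL,  -- {0}: the "#LCPTorCPTName#" literal set per trust
    UserName    NVARCHAR(256)  NOT NULL,  -- {1}: username.Value
    AuthInstant DATETIMEOFFSET NULL,      -- {2}: authInstant.Value, parsed
    AuthRaw     NVARCHAR(64)   NOT NULL,  -- {2} exactly as received, kept for audit
    LoggedAt    DATETIMEOFFSET NOT NULL DEFAULT SYSDATETIMEOFFSET()
);
GO

CREATE PROCEDURE dbo.sp_ADFSLoginHistory
    @TrustName   NVARCHAR(256),
    @UserName    NVARCHAR(256),
    @AuthInstant NVARCHAR(64)
AS
BEGIN
    SET NOCOUNT ON;
    -- TRY_CONVERT yields NULL on an unparsable timestamp instead of raising
    -- an error while the claim rule is being evaluated.
    INSERT INTO dbo.ADFSLoginHistory (TrustName, UserName, AuthInstant, AuthRaw)
    VALUES (@TrustName, @UserName,
            TRY_CONVERT(DATETIMEOFFSET, @AuthInstant), @AuthInstant);
    -- One column back, for the single claim type the rule issues
    -- (assumed mapping between result columns and issued types).
    SELECT N'true' AS customLogSuccess;
END
GO

-- authInstant.Value + tokenLifeTime > now(), written so the comparison
-- stays on the bare column.
DECLARE @TokenLifetimeMinutes INT = 60;  -- placeholder: use your configured lifetime
SELECT UserName, TrustName, MAX(AuthInstant) AS LastAuthInstant
FROM dbo.ADFSLoginHistory
WHERE AuthInstant > DATEADD(MINUTE, -@TokenLifetimeMinutes, SYSDATETIMEOFFSET())
GROUP BY UserName, TrustName
ORDER BY LastAuthInstant DESC;
```

The result is an upper bound on active sessions: the table records sign-ins only, so a user who has signed out still appears until the lifetime window passes.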

Rishabh Srivastava

Reputation: 46

There is no session monitoring console as such on ADFS; instead, there are events generated for every successful authentication that contain claims. Also, if you want to check the entire header-based interaction, please enable security logs. Also, enabling security logs is not recommended for a production environment, as it creates an enormously large count of events for every authentication request ADFS receives.

Upvotes: 1
