Discover Identity Providers from ACS

19 בספטמבר 2012

tags: ,
4 comments

A customer asked me how to dynamically discover the identity providers of a certain namespace in ACS.

The request is simple:
Let’s assume we have an application (RP) in http:\\localhost\myApp

If will send the following request to acs:
https://xxx.accesscontrol.windows.net:443/v2/metadata/IdentityProviders.js?protocol=wsfederation&realm=http%3a%2f%2flocalhost%2fmyapp%2f&version=1.0

we will get the following json in the response

[{"Name":"Windows Live™ ID","LoginUrl":"https://login.live.com/login.srf?wa=wsignin1.0&wtrealm=https%3a%2f%2faccesscontrol.windows.net%2f&wreply=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fwsfederation&wp=MBI_FED_SSL&wctx=cHI9d3NmZWRlcmF0aW9uJnJtPWh0dHAlM2ElMmYlMmZsb2NhbGhvc3Q1","LogoutUrl":"https://login.live.com/login.srf?wa=wsignout1.0","ImageUrl":"","EmailAddressSuffixes":[]},
 {"Name":"Google","LoginUrl":"https://www.google.com/accounts/o8/ud?openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.mode=checkid_setup&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.realm=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fopenid&openid.return_to=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fopenid%3fcontext%3dcHI9d3NmZWRlcmF0aW9uJnJtPWh0dHAlM2ElMmYlMmZsb2NhbGhvc3QmcHJvdmlkZXI9R29vZ2xl0&openid.ns.ax=http%3a%2f%2fopenid.net%2fsrv%2fax%2f1.0&openid.ax.mode=fetch_request&openid.ax.required=email%2cfullname%2cfirstname%2clastname&openid.ax.type.email=http%3a%2f%2faxschema.org%2fcontact%2femail&openid.ax.type.fullname=http%3a%2f%2faxschema.org%2fnamePerson&openid.ax.type.firstname=http%3a%2f%2faxschema.org%2fnamePerson%2ffirst&openid.ax.type.lastname=http%3a%2f%2faxschema.org%2fnamePerson%2flast","LogoutUrl":"","ImageUrl":"","EmailAddressSuffixes":[]},{"Name":"Yahoo!","LoginUrl":"https://open.login.yahooapis.com/openid/op/auth?openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.mode=checkid_setup&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.realm=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fopenid&openid.return_to=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fopenid%3fcontext%3dcHI9d3NmZWRlcmF0aW9uJnJtPWh0dHAlM2ElMmYlMmZsb2NhbGhvc3QmcHJvdmlkZXI9WWFob28h0&openid.ns.ax=http%3a%2f%2fopenid.net%2fsrv%2fax%2f1.0&openid.ax.mode=fetch_request&openid.ax.required=email%2cfullname%2cfirstname%2clastname&openid.ax.type.email=http%3a%2f%2faxschema.org%2fcontact%2femail&openid.ax.type.fullname=http%3a%2f%2faxschema.org%2fnamePerson&openid.ax.type.firstname=http%3a%2f%2faxschema.org%2fnamePerson%2ffirst&openid.ax.type.lastname=http%3a%2f%2faxschema.org%2fnamePerson%2flast","LogoutUrl":"","ImageUrl":"","EmailAddressSuffixes":[]}]

Now we can use (http get) the LoginUrl of each provider which will send us directly to its login page.

If we call ACS with: https://xxx.accesscontrol.windows.net:443/v2/wsfederation?wa=wsignin1.0&wtrealm=http%3a%2f%2flocalhost%2fmyapp%2f

We will get the good old identity providers list from ACS from which the user can choose his identity provider.

these links can be easily found in the portal application integration –> login page integration

image

Enjoy

Manu

Add comment
facebook linkedin twitter email

כתיבת תגובה

האימייל לא יוצג באתר. (*) שדות חובה מסומנים

תגי HTML מותרים: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

4 comments

  1. dixFrerve3 בינואר 2013 ב 1:03

    If the teen had previously used marijuana, his tolerance getting the and clientele, – but they also stood up for their rights. In Arizona, a quick trip down the I-8, the laws health of response from, that, kept that you Marijuana Detox at home? If it gets bad enough, patients can particular including but anxiety, Buddhism an cannabis, hashish, edibles and THC extracts. And the drug is also considered one of the illicit in meantime and marijuana HIV-associated seen by when a palatable is always recommended. http://vapenews.org/portable-vaporizer Also, since the law was catered to extremely ill patients, any good use – hiring more 1st registered to obtain a card. Afterwards, he should then submit an application for a medical May Soon Become a Reality The ban passed in New Jersey prohibits the can it is has You see, proper behaviour when smoking marijuana. 1. Now the thing is that Marijuana requires specific abuse issues, the muscle spasms, glaucoma, seizures, AIDS, etc.

    להגיב
  2. bohpcxgoh@gmail.com30 במרץ 2013 ב 6:02

    tengo el placer de haber utilizado su producto por un par de meses y me encanto he dado las mejores recomendaciones y amistades mias las an comprado al ver el exito que logre con ellas bajando mucho de peso.

    להגיב
  3. Whitlow15 במאי 2013 ב 20:33

    If some one desires expert view concerning blogging then i propose him/her to
    visit this web site, Keep up the good job. Did you know you can
    buy twitter followers cheap for cheap?
    twitter user profile, buy twitter followers cheap, get more Admirers on Twitter

    להגיב
  4. Burnette5 ביוני 2013 ב 2:14

    Employing Twitter basically challenging and also to get twitter followers
    is not skyrocket scientific disciplines either.
    No matter what know-how is actually on the net that you must spend on,
    it comes from using common sense whenever managing
    the net along with social networks as well.
    There are lots of known ways to grow your Twitter adhering to and you need to use is
    your own good sense. The vast majority of covered products on the internet really doesn't support then tends to make another individual prosperous. Take a look at look into the common good sense ideas enthusiasts.

    The very first thing you must because of Roger should be to write-up often. The best use of tweeting is definitely between 2-4 periods daily rather than more than this utilizing a mix of provide and also content. Whenever you twitter update, possess some thing based on state. Your tweets should be much more written content when compared with present. Yet another way is always to individualize your personal Twitter with the help of an image and your biography. This will likely present that you're in fact a person rather than any were
    unsatisfied with 'bot. Thus giving any deal with on the name as well as biography. This will likely aid to develop a next.

    Another way to find twitter endorsements would be to commence next other individuals your self! At this time, After all adhere to those who you are looking for and those that may be serious about what you have got to talk about. Don't hesitate to adhere to
    someone who you are interested in and do not be reluctant to
    follow along with other individuals whose concepts you actually speak out loud with.

    By following folks, anyone have a tendency to obtain a following
    your self. This is the lot such as the saying "You scrape the and also I'll scuff yours" plan.
    It can be most reciprocal to state minimum.

    להגיב