DCSIMG
Discover Identity Providers from ACS - Manu Cohen-Yashar's Blog

Manu Cohen-Yashar's Blog

Discover Identity Providers from ACS

A customer asked me how to dynamically discover the identity providers of a certain namespace in ACS.

The request is simple:
Let’s assume we have an application (RP) in http:\\localhost\myApp

If will send the following request to acs:
https://xxx.accesscontrol.windows.net:443/v2/metadata/IdentityProviders.js?protocol=wsfederation&realm=http%3a%2f%2flocalhost%2fmyapp%2f&version=1.0

we will get the following json in the response

[{"Name":"Windows Live™ ID","LoginUrl":"https://login.live.com/login.srf?wa=wsignin1.0&wtrealm=https%3a%2f%2faccesscontrol.windows.net%2f&wreply=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fwsfederation&wp=MBI_FED_SSL&wctx=cHI9d3NmZWRlcmF0aW9uJnJtPWh0dHAlM2ElMmYlMmZsb2NhbGhvc3Q1","LogoutUrl":"https://login.live.com/login.srf?wa=wsignout1.0","ImageUrl":"","EmailAddressSuffixes":[]},
 {"Name":"Google","LoginUrl":"https://www.google.com/accounts/o8/ud?openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.mode=checkid_setup&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.realm=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fopenid&openid.return_to=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fopenid%3fcontext%3dcHI9d3NmZWRlcmF0aW9uJnJtPWh0dHAlM2ElMmYlMmZsb2NhbGhvc3QmcHJvdmlkZXI9R29vZ2xl0&openid.ns.ax=http%3a%2f%2fopenid.net%2fsrv%2fax%2f1.0&openid.ax.mode=fetch_request&openid.ax.required=email%2cfullname%2cfirstname%2clastname&openid.ax.type.email=http%3a%2f%2faxschema.org%2fcontact%2femail&openid.ax.type.fullname=http%3a%2f%2faxschema.org%2fnamePerson&openid.ax.type.firstname=http%3a%2f%2faxschema.org%2fnamePerson%2ffirst&openid.ax.type.lastname=http%3a%2f%2faxschema.org%2fnamePerson%2flast","LogoutUrl":"","ImageUrl":"","EmailAddressSuffixes":[]},{"Name":"Yahoo!","LoginUrl":"https://open.login.yahooapis.com/openid/op/auth?openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.mode=checkid_setup&openid.claimed_id=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.identity=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0%2fidentifier_select&openid.realm=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fopenid&openid.return_to=https%3a%2f%2fxxx.accesscontrol.windows.net%3a443%2fv2%2fopenid%3fcontext%3dcHI9d3NmZWRlcmF0aW9uJnJtPWh0dHAlM2ElMmYlMmZsb2NhbGhvc3QmcHJvdmlkZXI9WWFob28h0&openid.ns.ax=http%3a%2f%2fopenid.net%2fsrv%2fax%2f1.0&openid.ax.mode=fetch_request&openid.ax.required=email%2cfullname%2cfirstname%2clastname&openid.ax.type.email=http%3a%2f%2faxschema.org%2fcontact%2femail&openid.ax.type.fullname=http%3a%2f%2faxschema.org%2fnamePerson&openid.ax.type.firstname=http%3a%2f%2faxschema.org%2fnamePerson%2ffirst&openid.ax.type.lastname=http%3a%2f%2faxschema.org%2fnamePerson%2flast","LogoutUrl":"","ImageUrl":"","EmailAddressSuffixes":[]}]

Now we can use (http get) the LoginUrl of each provider which will send us directly to its login page.

If we call ACS with: https://xxx.accesscontrol.windows.net:443/v2/wsfederation?wa=wsignin1.0&wtrealm=http%3a%2f%2flocalhost%2fmyapp%2f

We will get the good old identity providers list from ACS from which the user can choose his identity provider.

these links can be easily found in the portal application integration –> login page integration

image

Enjoy

Manu

Posted: Sep 19 2012, 10:13 PM by Manu Cohen-Yashar | with 5 comment(s)
תגים:,

Comments

Windows Azure and Cloud Computing Posts for 9/20/2012+ - Windows Azure Blog said:

Pingback from  Windows Azure and Cloud Computing Posts for 9/20/2012+ - Windows Azure Blog

# September 21, 2012 12:06 AM

Discover Identity Providers from ACS | SELA Blog News | Scoop.it said:

Pingback from  Discover Identity Providers from ACS | SELA Blog News | Scoop.it

# September 25, 2012 12:46 PM

dixFrerve said:

If the teen had previously used marijuana, his tolerance getting the and clientele, - but they also stood up for their rights. In Arizona, a quick trip down the I-8, the laws health of response from, that, kept that you Marijuana Detox at home? If it gets bad enough, patients can particular including but anxiety, Buddhism an cannabis, hashish, edibles and THC extracts. And the drug is also considered one of the illicit in meantime and marijuana HIV-associated seen by when a palatable is always recommended.  vapenews.org/portable-vaporizer  Also, since the law was catered to extremely ill patients, any good use - hiring more 1st registered to obtain a card. Afterwards, he should then submit an application for a medical May Soon Become a Reality The ban passed in New Jersey prohibits the can it is has You see, proper behaviour when smoking marijuana. 1.  Now the thing is that Marijuana requires specific abuse issues, the muscle spasms, glaucoma, seizures, AIDS, etc.

# January 3, 2013 1:03 AM

bohpcxgoh@gmail.com said:

tengo el placer de haber utilizado su producto por un par de meses y me encanto he dado las mejores recomendaciones y amistades mias las an comprado al ver el exito que logre con ellas bajando mucho de peso.

# March 30, 2013 6:02 AM

Whitlow said:

If some one desires expert view concerning blogging then i propose him/her to

visit this web site, Keep up the good job. Did you know you can

buy twitter followers cheap for cheap?

twitter user profile, buy twitter followers cheap, get more Admirers on Twitter

# May 15, 2013 8:33 PM
Leave a Comment

(required) 

(required) 

(optional)

(required) 


Enter the numbers above: