Sam's ADFS Management Portal

This portal is meant only for MSFT employees. Please do not share with customers.

Click sign-in and choose MSIT (AAD tenant) to log in with your MSFT credentials.

Send mail to samueld@microsoft.com to get delegated rights to create and manage your apps

Demo Goals

This project is a demo project for the following goals:

  1. Showcase OWIN WS-Federation with ADFS
  2. Showcase 'Reverse Federation', where the application trusts ADFS (FedP provider) and ADFS accepts tokens from Azure AAD. In this case, we are using the MSFT Azure AD tenant. Currently, this scenario is only supported for a single tenant
  3. Showcase a delegated management model wherein ADFS admins can delegate app creation and management
  4. Enable MSFT employees to create their own applications for demo/testing purposes


How does it work?

  • This application is an MVC app that was built using OWIN WS-Federation and trusts ADFS (sts.contoso100.com) for login
  • ADFS is currently configured to accept tokens from its own AD as well as the MSFT AAD tenant
  • The application talks to Azure Service Bus for any calls to read or edit ADFS configuration data
  • An Azure Service Bus client service (currently a simple EXE) runs on the ADFS server and relays this information via local PSH calls
  • Certain 'Views' within the application (e.g. Service) can be accessed without signing in; other views require sign-in, and their controller is protected with the '[Authorize]' attribute
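
A sketch of the sign-in wiring and view protection described above, added here as an example and not taken from the portal's own code. The realm URI, the controller name and the Apps action are hypothetical, and the metadata URL assumes the standard ADFS federation metadata path on the host named above.

```csharp
using System.Web.Mvc;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

public partial class Startup
{
    // Assumed values: the realm is a placeholder; the metadata path is the
    // standard ADFS federation metadata endpoint on the page's STS host.
    private const string Realm = "https://portal.example.test/";
    private const string Metadata =
        "https://sts.contoso100.com/FederationMetadata/2007-06/FederationMetadata.xml";

    public void ConfigureAuth(IAppBuilder app)
    {
        // The local session is a cookie; WS-Federation is only used to obtain it.
        app.SetDefaultSignInAsAuthenticationType(
            CookieAuthenticationDefaults.AuthenticationType);
        app.UseCookieAuthentication(new CookieAuthenticationOptions());

        // Signing keys and the passive endpoint are read from ADFS metadata,
        // so the app trusts only ADFS and never the upstream AAD tenant directly.
        app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
        {
            Wtrealm = Realm,
            MetadataAddress = Metadata
        });
    }
}

// Deny by default: every action requires a signed-in user unless it opts out.
[Authorize]
public class ManagementController : Controller   // hypothetical controller name
{
    // Public view, reachable without signing in (the "Service" example above).
    [AllowAnonymous]
    public ActionResult Service() => View();

    // An unauthenticated request gets a 401 here, which the WS-Federation
    // middleware turns into a redirect to ADFS.
    public ActionResult Apps() => View();
}
```

Putting '[Authorize]' on the controller and opting individual actions out with '[AllowAnonymous]' means a newly added action is protected unless someone deliberately exposes it.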