ADFS Claims Provider not receiving username/email

I have an on-prem ADFS setup with SAML2, as below:

SP <=> ADFS <=> IDP

When the SP initiates an authentication, the client can redirect to the IDP (configured as a Claims Provider) and authenticate himself.

However, I need to pass any form of client identification with the redirection from ADFS to IDP.

I can receive the NameID in ADFS (from SP => ADFS) but I cannot make the ADFS pass it beyond that to the IDP.

I've tried setting up a static claims rule on the Claims Provider to see if I can pass 'something', but with no success.

=> issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Value = "[email protected]");

How do I get this working? I desperately need this for the SSO to work on my IDP side.

I'm ok with any sort of method/hacks/claim rule whatsoever.

Cheers.
