
Retrieve Claims from SAML response received from ADFS

I have a situation wherein I have federated my Identity Provider from WSO2 Identity Server to MS ADFS. I have created a frontend web application that calls the Identity Server and, in turn, MS ADFS. Login is fine and the response from ADFS is also fine. I checked in the 'Fiddler' tool, where I have a good SAML request and response too. I checked the SAML response, which contains all that I need (e.g. givenname/surname/emailaddress etc.).
I have the following two questions.

1. How do I retrieve or access the claims in my client Java application?
2. Can we print the claims that are received from MS ADFS in the Identity Server logs?

Just to add, the access of claims is working fine with Facebook as IdP.
Please guide me to a link on the above.

Help Appreciated.

Assuming that ADFS is correctly sending the SAML response, first you need to map the ADFS's claims to WSO2 Identity Server's local user claims. For that, you need to edit the IDP's claim configuration section and add each claim.

Go to IDP's config -> Claim Configuration -> Basic Claim Configuration

Then add a custom claim dialect and map claims with WSO2 user claims.

After that, to retrieve these claims in the client application, you need to edit the Service Provider's configuration, go to Claim Configuration, and add the claims as Requested Claims [1].

Additionally, you need to make sure that in the SAML configuration of the Service Provider you have checked the following checkboxes:

- Enable Attribute Profile
- Include Attributes in the Response Always

Then you should receive the claims in the client app.

[1] http://tharindue.blogspot.com/2016/08/retrieving-user-claims-in-saml-response.html
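
Once the Service Provider returns the requested claims, they arrive as `Attribute` elements inside the assertion's `AttributeStatement`. The sketch below is an added example, not code from the answer or from WSO2: it reads them with the JDK's DOM parser, assuming the response's signature and conditions have already been validated by the client's SAML library and that the assertion is not encrypted; the class name, sample XML and claim values are constructed.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SamlClaims {                      // hypothetical class name
    static final String ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Returns claim URI -> values for every saml:Attribute in the response.
    static Map<String, List<String>> extractClaims(String samlXml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Refuse DOCTYPE declarations so a crafted response cannot trigger XXE.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        Document doc = f.newDocumentBuilder().parse(
                new ByteArrayInputStream(samlXml.getBytes(StandardCharsets.UTF_8)));

        Map<String, List<String>> claims = new LinkedHashMap<>();
        NodeList attrs = doc.getElementsByTagNameNS(ASSERTION_NS, "Attribute");
        for (int i = 0; i < attrs.getLength(); i++) {
            Element attr = (Element) attrs.item(i);
            List<String> values =
                    claims.computeIfAbsent(attr.getAttribute("Name"), k -> new ArrayList<>());
            NodeList vals = attr.getElementsByTagNameNS(ASSERTION_NS, "AttributeValue");
            for (int j = 0; j < vals.getLength(); j++) {
                values.add(vals.item(j).getTextContent().trim());
            }
        }
        return claims;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: only the part of a SAML response that carries claims.
        String sample =
            "<saml2:Assertion xmlns:saml2=\"" + ASSERTION_NS + "\"><saml2:AttributeStatement>"
          + "<saml2:Attribute Name=\"http://wso2.org/claims/givenname\">"
          + "<saml2:AttributeValue>Alice</saml2:AttributeValue></saml2:Attribute>"
          + "<saml2:Attribute Name=\"http://wso2.org/claims/emailaddress\">"
          + "<saml2:AttributeValue>alice@example.com</saml2:AttributeValue></saml2:Attribute>"
          + "</saml2:AttributeStatement></saml2:Assertion>";
        extractClaims(sample).forEach((name, values) -> System.out.println(name + " = " + values));
    }
}
```

If the map comes back empty for a real login, the assertion carried no `AttributeStatement`, which points back to the claim mapping, Requested Claims and attribute-profile settings described above.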
