
Which SAML version to use to interop custom STS/IdP and Azure AD for Office365 authentication?

Trying to interop our custom STS/IdP (supports the SAML2.0 protocol) with Azure AD for Office 365 authentication using the WS-Fed UsernameToken Profile.

Referred to this link, where it says "Office 365 supports SAML2.0 protocol". But the STS Integration Paper using WS Protocols document (under section 2.2 Token Contents) says "The token is structured based on a SAML 1.1 token..." and the sample response in the doc has a SAML1.1-specific assertion only.

Which version of the SAML protocol (1.1 or 2.0) should we use so that AAD accepts and processes the SAML assertion/token sent by our custom STS/IdP? Or is that integration doc outdated?

Your answers will help me decide whether I should implement SAML1.1 in our custom STS/IdP or not.

ADAL (AKA Modern Auth) uses SAML2. Classic auth uses WS-Fed for passive applications (web interface) and WS-Trust for active applications (fat clients, like Word and Excel). Both WS methods wrap SAML1.1 assertions.

If you can, use ADAL. It will be much easier for you.
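
To see which assertion version a custom STS actually places in its WS-Fed/WS-Trust response, the following added example (not part of the original question or answer) inspects the `RequestedSecurityToken` element and reports the SAML version of the wrapped assertion. The sample messages, issuer URL and function name are constructed for illustration; the namespaces are those defined by the OASIS SAML and WS-Trust specifications.

```python
import xml.etree.ElementTree as ET

# Assertion namespaces defined by the OASIS SAML specifications.
SAML_NS = {
    "urn:oasis:names:tc:SAML:1.0:assertion": "1.x",  # used by SAML 1.0 and 1.1
    "urn:oasis:names:tc:SAML:2.0:assertion": "2.0",
}
# WS-Trust namespaces: February 2005 draft and WS-Trust 1.3.
WST_NS = (
    "http://schemas.xmlsoap.org/ws/2005/02/trust",
    "http://docs.oasis-open.org/ws-sx/ws-trust/200512",
)

def wrapped_assertion_versions(rstr_xml):
    """Return the SAML version of each assertion inside a RequestedSecurityToken."""
    # For messages from an untrusted source, use a hardened parser (e.g. defusedxml).
    root = ET.fromstring(rstr_xml)
    found = []
    for wst in WST_NS:
        for token in root.iter("{%s}RequestedSecurityToken" % wst):
            for el in token.iter():
                ns, _, local = el.tag[1:].partition("}")
                if local != "Assertion" or ns not in SAML_NS:
                    continue
                if SAML_NS[ns] == "2.0":
                    # SAML 2.0 carries a single Version attribute.
                    found.append(el.get("Version", "2.0"))
                else:
                    # SAML 1.x splits the version into two attributes.
                    found.append("%s.%s" % (el.get("MajorVersion", "1"),
                                            el.get("MinorVersion", "?")))
    return found

# Constructed sample messages (not captured from a real STS).
RSTR = ('<t:RequestSecurityTokenResponse xmlns:t="%s"><t:RequestedSecurityToken>'
        '%s</t:RequestedSecurityToken></t:RequestSecurityTokenResponse>')
SAML11 = ('<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" '
          'MajorVersion="1" MinorVersion="1" AssertionID="_constructed" '
          'Issuer="https://sts.example.test/" IssueInstant="2024-01-01T00:00:00Z"/>')
SAML20 = ('<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" '
          'Version="2.0" ID="_constructed" IssueInstant="2024-01-01T00:00:00Z"/>')

if __name__ == "__main__":
    print(wrapped_assertion_versions(RSTR % (WST_NS[0], SAML11)))
    print(wrapped_assertion_versions(RSTR % (WST_NS[0], SAML20)))
```

A result of `['1.1']` matches the token shape the answer describes for the WS-Fed and WS-Trust paths.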
