Federation Gateway and Home Realm Discovery in Thinktecture.IdentityServer v2

I just uploaded a “feature-refresh” of the IdSrv Beta to GitHub.

Besides some bug fixes, this includes the ability to use IdSrv as a federation gateway/home realm discovery page. This lets you use IdSrv to broker trust between multiple external identity providers and relying parties.

I recorded a short video showing off the new features:

https://vimeo.com/51666379

In the video I also show how to add support for web identities like Google, LiveID, etc. to IdSrv by federating with the Azure ACS.

Have fun!

This entry was posted in .NET Security, ASP.NET, IdentityModel, IdentityServer.

One Response to Federation Gateway and Home Realm Discovery in Thinktecture.IdentityServer v2

  1. Reblogged this on Peter's ruminations and commented:
    leastprivilege demos a website that presents the ACS’s list of IDPs configured for a given RP entityID. It then bridges the ws-fedp response from ACS to the RP, re-affirming the assertions from ACS by minting a new assertion (and ws-fedp response) for use by the RP.
    In short, we have an example of what we deployed in production for US real estate last year. A cascade of FPs cooperate to proxy requests up the chain, and proxy re-signing proxies, each of which maintains back to back SSL tunnels.

    In the next post, let’s detail a more interesting example – which cuts out ACS from the process. With the dotnetopenauth libraries now in ASP.NET 4.5, why bother with ACS? Furthermore, we can get some “account linking” going, which really shows off the federation concept.
