Reader centralbin comments:
“In fact the reverse is also true : You can configure TT-STS as an IP-STS in ACS. The JWT tokens issued by TT-STS can also be consumed in ACS. The only “gotcha” is that you manually need to upload the symmetric key used by TT-STS to ACS. You need to do this in code using the ACS Odata service since it doesn’t allow the configuration of symmetric keys for IP-providers that are added using a federation meta data link or manifest.”
Wow. Didn’t even know about that feature in ACS. Thanks!