Thursday, February 05, 2015

ADFS : Claims are URI

Answered this question over on the forum.

But for general interest.

Claims are URI and URL are a subset of URI so you would expect that URI look something like:

http://domain/site

So you can't have a claim type of givenName.

To repeat:

Mapping Given-Name to givenName gives:

System.ArgumentException: ID4216: The ClaimType 'givenName' must be of format 'namespace'/'name'.

Mapping Given-Name to http://givenName gives:

MSIS7012: An error occurred while processing the request. Contact your administrator for details. ---> System.ArgumentException: ID4213: Cannot parse the ClaimType 'http://givenName' into a constituent name and namespace.

Mapping Given-Name to http://company.com/givenName works.

Which makes sense - you can't have a website with a URL of e.g. givenName.

Enjoy!

No comments: