Tags: asp.net, federated-identity, geneva-framework, claims-based-identity, passive-sts

Specifying Required / Optional Claim Types in the Relying Party for a Passive STS


I have an ASP.NET application (relying party) that uses a passive STS for authentication and retrieval of claim values. The relying party is using the FederatedAuthenticationModule (FAM) to enable a passive redirect to the STS. I found documentation on how to specify required claims when using Information Cards, but have yet to find detailed information on how to configure this using a FAM.

Does anyone have any examples of this? The closest example I could find is in the Geneva Framework samples, but they deal with active STS and WCF, which does not apply.

Thanks in advance.


Solution

  • I had also posted this question on the Geneva Framework forum and received an answer. Turns out that in the passive model claim types cannot be specified by the relying party. The passive STS is fully responsible for determining the claims that it will retrieve.

    To make this more flexible I'll probably create a data store with the allowed audience URIs and the claims that they require, so that the passive STS can retrieve the claims the RP needs.
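An added example (not the poster's code) of the design the answer describes: the STS, rather than the RP, decides which claims to issue by looking up the request's AppliesTo audience URI in a per-RP table. It assumes the Geneva Framework / WIF 1.0 `Microsoft.IdentityModel` custom-STS base class; the audience URIs and the in-memory dictionary are constructed stand-ins for the data store the answer mentions.

```csharp
// Added example: a custom passive STS that issues only the claim types registered for
// the requesting audience (relying party). Not part of the original post.
using System;
using System.Collections.Generic;
using Microsoft.IdentityModel.Claims;
using Microsoft.IdentityModel.Configuration;
using Microsoft.IdentityModel.Protocols.WSTrust;
using Microsoft.IdentityModel.SecurityTokenService;

public class AudienceAwareSts : SecurityTokenService
{
    // Constructed sample data standing in for the "audience URI -> required claims" store.
    private static readonly IDictionary<string, string[]> RequiredClaimsByAudience =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
        {
            { "https://rp1.example.com/", new[] { ClaimTypes.Name, ClaimTypes.Email } },
            { "https://rp2.example.com/", new[] { ClaimTypes.Name, ClaimTypes.Role } },
        };

    public AudienceAwareSts(SecurityTokenServiceConfiguration config) : base(config) { }

    protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
    {
        // Refuse to issue a token for any audience that is not in the allow-list.
        if (request.AppliesTo == null ||
            !RequiredClaimsByAudience.ContainsKey(request.AppliesTo.Uri.AbsoluteUri))
            throw new InvalidRequestException("The AppliesTo address is not a registered relying party.");

        string audience = request.AppliesTo.Uri.AbsoluteUri;
        Scope scope = new Scope(audience, SecurityTokenServiceConfiguration.SigningCredentials);
        scope.ReplyToAddress = audience;
        scope.TokenEncryptionRequired = false; // assumption: set EncryptingCredentials per RP in production
        return scope;
    }

    protected override IClaimsIdentity GetOutputClaimsIdentity(
        IClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
    {
        IClaimsIdentity input = (IClaimsIdentity)principal.Identity;
        ClaimsIdentity output = new ClaimsIdentity();

        // Copy only the claim types this audience requires; all other claims stay at the STS.
        foreach (string claimType in RequiredClaimsByAudience[scope.AppliesToAddress])
            foreach (Claim claim in input.Claims)
                if (claim.ClaimType == claimType)
                    output.Claims.Add(new Claim(claimType, claim.Value));

        return output;
    }
}
```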