
0 Votes
AnandAV asked AaronChristenson-7506 commented

How to pass parameter from RP to IDP in passive flow?

Hi

We have multiple clients' IDPs federated with our ADFS 4.0 server.
A user clicks login from the web application (RelyingParty), is then redirected to ADFS's IDP selection page, and is redirected to their respective IDP page.

Now my question is how to pass the RelyingParty identifier ("https://webapp.mycompany.net") to the IDP.
I see wtrealm has the RPI, but when ADFS redirects the request to the IDP it changes the value to its own identifier (http://sts.mycompany.net/adfs/services/trust).

Can someone please help me with this?

Thanks.



adfs

0 Votes
AnandAV answered

The following command passes "wctx" from RP->ADFS->IDP:

  • Set-AdfsWebConfig -ContextCookieEnabled 0

Source: https://nzpcmad.blogspot.com/2014/09/adfs-joys-of-hiden-context.html


0 Votes
piaudonn answered AaronChristenson-7506 commented

When using the IDP Initiated Flow for your application, you can use the LoginToRp query string to skip the drop down menu selection. For example:

 https://sts.contoso.com/adfs/ls/IdpInitiatedSignon.aspx?LoginToRP=https://webapp.mycompany.net

I want to pass a value (e.g. language/countrycode/company/relyingpartyidentifier) in the query string from RP->ADFS->IDP (Authenticate).

0 Votes

Oh, I see. I misread the question. I thought you were using the IDP initiated flow under the cover. In an SP-initiated flow, you need to pass RelayState information in your request.
RelayState will be passed back as-is to the SP once the authentication is successful.

1 Vote

Piaudonn,

I am interested in this also. Do you know how to send parameters in the relaystate request string? I have this https://adfsuat.lmcu.org/adfs/ls/idpinitiatedsignon.aspx?logintorp=urn:bki:servicingdigital:rwa:lmcu:uat and I also need to pass through
NameId=3423423
LoanIdentifier=3423423
TaxpayerIdentifierLast4Value=4893
PortfolioId=258

Thanks

0 Votes
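
An added example, not part of the thread: a context value such as wctx or RelayState travels through the browser and comes back as-is, so the RP should verify it on return before acting on it. This Python code builds a WS-Federation passive sign-in URL for the RP in the question with an HMAC-protected wctx and checks the value when it returns; the /adfs/ls/ endpoint host, the key and all function names are assumptions made for the example.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import urlencode

# Assumed values: the RP realm is the one in the question; the key and the
# ADFS passive endpoint URL are constructed for this example.
RP_REALM = "https://webapp.mycompany.net"
ADFS_PASSIVE = "https://sts.mycompany.net/adfs/ls/"
RP_KEY = b"constructed-demo-key-load-from-secret-store"

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(body: str) -> str:
    return b64e(hmac.new(RP_KEY, body.encode(), hashlib.sha256).digest())

def make_wctx(params: dict, now=None) -> str:
    """Serialize params with an issue time and append an HMAC-SHA256 tag."""
    issued = int(time.time() if now is None else now)
    body = b64e(json.dumps({"p": params, "iat": issued}, sort_keys=True).encode())
    # Integrity only: the values stay readable in the browser and in logs.
    return f"{body}.{mac(body)}"

def signin_url(params: dict) -> str:
    """WS-Federation passive sign-in request carrying the protected wctx."""
    query = {"wa": "wsignin1.0", "wtrealm": RP_REALM, "wctx": make_wctx(params)}
    return ADFS_PASSIVE + "?" + urlencode(query)

def read_wctx(wctx: str, max_age: int = 600, now=None) -> dict:
    """Verify the tag and age of a returned wctx; raise ValueError otherwise."""
    body, _, tag = wctx.partition(".")
    # Constant-time compare on bytes, so a non-ASCII tag cannot raise TypeError.
    if not hmac.compare_digest(tag.encode(), mac(body).encode()):
        raise ValueError("wctx failed integrity check")
    data = json.loads(b64d(body))
    current = time.time() if now is None else now
    if current - data["iat"] > max_age:
        raise ValueError("wctx expired")
    return data["p"]

if __name__ == "__main__":
    print(signin_url({"lang": "en", "company": "contoso"}))
```

Because the tag gives integrity and not confidentiality, anything placed in the context value should be safe to expose in URLs, browser history and proxy logs.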