New Labs Release of ACS marries Web Identities and WS-*, Blows Your Mind


They did it. Justin, Hervey and the AppFabric ACS gang just released a new version of the ACS in the LABS environment, a version that is chock-full of news and enhancements, including:

  • Integration with Windows Identity Foundation (WIF) and tooling
  • Out-of-the-box support for popular web identity providers including: Windows Live ID, OpenID, Google, Yahoo, and Facebook
  • Out-of-the-box support for Active Directory Federation Server v2.0
  • Support for OAuth WRAP, WS-Trust, and WS-Federation protocols
  • Support for the SAML 1.1, SAML 2.0, and Simple Web Token (SWT) token formats
  • Integrated and customizable Home Realm Discovery that allows end-users to choose their identity provider
  • An OData-based Management Service that provides programmatic access to ACS configuration
  • A Web Portal that allows administrative access to ACS configuration

As you’ve come to expect, the IdElement covered the news and captured an interview with Justin about the new features in this release.


Join Justin Smith, Program Manager on the Windows Azure AppFabric Access Control Service (ACS) team, on a whirlwind tour of the new features of today's Labs release of ACS. Just to whet your appetite, here's a list of some of the news touched on in this video:

  • Support for identity providers such as Facebook, Windows Live ID, Google, Yahoo, OpenID providers, and ADFS 2 instances
  • Support for a wide range of protocols: WS-Federation, WS-Trust, Oauth WRAP
  • Seamless integration with Windows Identity Foundation
  • Brand new management portal and ODtata-based management API
  • Tools for helping developers embed identity providers selection UI in their applications

What are you waiting for? Tune in! Once you have watched the video, create your account at and start experimenting: it's free, there are no tokens to redeem, and there's no waiting time. Instant gratification!

This release marks an inflection point.
You asked to bring back in ACS WS-Federation and WS-Trust, and the ACS team did it, but this release offers so much more. The chance of using a consistent programming model (the Visual Studio-friendly Windows Identity Foundation) for a variety of popular identity provider brings together the best of the web and business worlds, eliminating friction and enabling scenarios that were simply too complex or onerous to implement before. Imagine the possibilities! Write your ASP.NET or WCF application as usual, run the WIF wizard on it, and suddenly you can authenticate users from Facebook, Windows Live ID, Google, Yahoo, ADFS2 instances… without having to change a single line of code in your application. To my knowledge, no other service in the industry offers as many protocols today.

See for yourself, experiment with ACS . It’s easy, free and immediately available. Relevant links:


Congratulations to the ACS team for a great release!