Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Are any other claims available from Windows Live ID via the ACS 2.0 identity provider?

Tags:

windows

windows-live-id

acs

I understand that currently the default Windows Live ID identity provider in ACS 2.0, only provides two claims the nameidentifier (a base64 unique id associated with the user and your application, but useless for describing someone) and the identityprovider claim which lets you know that your talking with LiveID. I was wondering is it possible to configure an alternative identity provider for Window Live ID that could provide Name and other Live ID profile information via additional claims.

Thanks, -Patrick

like image 825
Patrick Simpson Avatar asked Jun 17 '11 20:06

Patrick Simpson

2 Answers

You can't get anything but the nameidentifier and identityprovider claims using the Window's Live Identity Provider. http://msdn.microsoft.com/en-us/library/gg185944.aspx

The other providers available to Azure ACS 2.0 are all listed in detail from this link. http://msdn.microsoft.com/en-us/library/gg185971.aspx

FYI - Google & Yahoo as IP's provide additional but optional claims emailaddress & name. So you could also retrieve as an example, John Doe & [email protected].

Note, that using these two optional claims will prompt the user they will be exposed to your services when logging in for the first time. At which time the user can cancel the operation. I recommend you only get the claims you really need as it may scare off potential users.

like image 86
Eat at Joes Avatar answered Oct 11 '22 22:10

Eat at Joes

I have investigated this before and found that the direct answer is no.

You can however use ADFS in chain with ACS to inject more claims.

It seems that the LiveId setup allows you to post a token to get info like

{
   "id": "b6b2a7e8f2515e5", 
   "name": "Apurva Dalia", 
   "first_name": "Apurva", 
   "last_name": "Dalia", 
   "gender": null, 
   "link": "http://cid-b6b2a7e8f2515e5.profile.live.com/", 
   "locale": "en_US", 
   "updated_time": "2011-10-26T21:13:05+0000"
}

If this is true, than you can inject this info to the caller.

See Server Side scenarios of the Live SDK.

From another Microsoft site:

For example, the following GET request, without any access token specified, would return the user's public profile information. https://apis.live.net/v5.0/8c8ce076ca27823f

The information returned by Windows Live would look like the following.

"id": "8c8ce076ca27823f", "name": "Roberto Tamburello",
"first_name": "Roberto",
"last_name": "Tamburello",
"gender": null, "locale": "en_US"

like image 32
Frode Stenstrøm Avatar answered Oct 11 '22 20:10

Frode Stenstrøm
Sign in to Comment

Related questions

Can two different Windows SDK versions coexist on the same machine without conflict?
How can I run a py2exe program in windows without the terminal?
Why malloc always return NULL
How do I call Matlab in a script on Windows?
Detect Internet V. local lan connection
How can I extract the current user's account picture?
How would you start automating my job? - Part 2
Windows: How to canonicalize a file to the special folder?
Digital Persona Windows SDK problems!
which dlls are being used?
Are there reasons why DLL redirection won't work other than the presence of a manifest?
How do I check if my program is ran by user as administrator (Vista/Win7, C++) [duplicate]
faster than Stackwalk
Best security framework for c# desktop applications?
boost iostreams with bzip2 built from source on windows
I'm looking for any optimizations I can make in a graphics editing program
Where to get precompiled GTK3 for windows? [duplicate]
C# calling native C++ all functions: what types to use?
How to show a window in the fastest way possible?
Adding new filetypes to Windows 7's New context menu

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!