How do I simulate an ADFS IdP to facilitate the testing of my SP code

Question

I need to provide a SAML2.0 based Single Sign On (SSO) feature for my node.js service. This will consume SAML assertions generated by an Identity Provider (IdP) running Active Directory Federated Services (ADFS)

Ideally I would like to set up a test ADFS IdP that I can use to internally generate the SAML assertions. I could then use this to ensure my service handles these assertions correctly.

Unfortunately my company does not use Active Directory and so we cannot just setup a test ADFS platform. The licenses are expensive and so I cannot create an internal test server from scratch.

Is there a low-cost way I can simulate an ADFS IdP to provide a realistic test-bed for my new SSO service?

Answer 1

Azure Active Directory should be very similar to implementations in ADFS (and the federation part is likely identical) and should be just fine for testing of your implementation. You can setup a free trial account for Microsoft Azure which includes the Azure Active Directory.

Information about SAML endpoints and SSO process can be found in the Azure documentation.

Other option is test against another SAML compatible Identity Provider, have a look at SSO Circle.

Microsoft also offers a Microsoft Partner Network Action Pack which enables companies to access a range of software (including Windows Server with ADFS) with development licenses for a reasonable price (few hundred euros). It might be your other option.