Authenticate WCF Service that relies on Azure ACS with JWT token from LiveID

  • Monday, April 16, 2012 11:15 PM
     
     

    I am able to use a WSTrustChannel to receive a token from LiveID using active federation (details here). Is there any way to use this token to provide authentication to a WCF service that uses Azure ACS? It doesn't appear that ACS v2 natively understands JWT, but I didn't know if there is some method to transform the token to SWT / SAML or perhaps use some other technique to have ACS verify the token and process the claims.

    Otherwise, is there any other possibility of getting a token from LiveID using active federation that ACS can work with?



    • Edited by IFSysDev Tuesday, April 17, 2012 12:10 AM

All Replies

  • Tuesday, April 17, 2012 9:03 AM
     
     

    I guess you want to implement WS federation in a web application, right? ACS does not support JWT tokens, but SWT, SAML 1.1 and SAML 2.0 are supported; check the Windows Azure training course:

    http://msdn.microsoft.com/en-us/WAZPlatformTrainingCourse_WindowsAzureAndPassiveFederation2010

  • Tuesday, April 17, 2012 5:37 PM
     
     
    I am trying to secure a multi-tenant web application and WCF service without creating my own Identity Provider for authentication. Since I have M2M scenarios, I need active authentication that allows credentials to be stored in a config file (or potentially uses a certificate). I was hoping to use Google / LiveID or some other cloud Identity Provider. Looks like I will probably have to make something based off ThinkTecture Identity Server / Cloud Ninja STS, unless there are any alternative suggestions.
  • Wednesday, April 18, 2012 2:06 AM
     
     

    Hello - I think so. If you want to use a JWT token in an application, perhaps Windows Live Connect may be a good choice for you:

    http://msdn.microsoft.com/en-us/library/windowsazure/hh465097.aspx

  • Wednesday, April 25, 2012 5:23 PM
     
     

    I'm not trying to use a JWT token in an application; rather, because I am already using Windows Live Connect / Live ID, I'm forced to use a JWT token since that is all it returns.

    My scenario is that I want to use Azure ACS so that my application sign on can federate with Azure ACS providers including Live Connect, Google and customers' ADFS servers. I have certain clients that must federate in active mode, not passive mode. The link I sent above details a method to obtain a Live Connect token in active mode, but the token returned is in JWT. My original question is whether this JWT token can be somehow transformed such that ACS can accept it and verify its claims through its own connection to Live Connect.