I'm completely new to ACS, Windows Identity Foundation, and ASP.NET MVC WebAPI in general, I've been playing around with it to try to figure some things out. I've written a simple ASP.NET MVC WebAPI REST service at http://jordan-helloacs.cloudapp.net/ that,
when accessed via GET, just returns the user's claims. I've set up ACS as the FP for the service using the "Add STS Reference" in VS, and configured the application as an RP in the ACS management portal.
While I can test this works in a browser, it's really a web service, so I would expect to consume it with non-browser applications (thick client, mobile, js application, etc.).
Since I configured Google as an IdP, I've studied some of the "passive-active" samples for doing this in, say, a mobile application (for example, the WIF training kit has the ACS and Windows Phone 7 example for a scenario much like this). Basically, the
I've successfully created a WPF client that does the above, I can see the contents of my ACS token... my question is, how do I take the ACS token I've retrieved and pass it to my REST service? Several of the tutorials, labs, and walkthroughs on MSDN have
several different ways of passing the token in the Authorization header when making a call to my REST endpoint. All the examples I've seen use SWT tokens, but what if I've configured ACS to return a SAML token? I'm just making an HTTP REST call, so presumably
I just need to pass the token in the "Authorization" header when I make my REST call, but nothing seems to work (I get the standard ACS 302 redirect to the ACS sign in page).