How to use Twitter as Identity Provider on Access Control Service?


  • Tuesday, August 23, 2011 10:42
     
     

    Hello,

    OOTB we can define and use LiveID, Google, Yahoo, and Facebook on ACS. If I want to add Twitter to my ACS authentication module, how can I do that?

    Regards,

    Alen

All replies

  • Wednesday, August 24, 2011 06:49
     
     Answered
    Azure ACS supports OAuth WRAP and OAuth 2.0 but unfortunately Twitter supports OAuth 1.0A only. I'm afraid we cannot configure Twitter as an identity provider in ACS, at least for now.
    • Proposed as answer by Seetha_ Friday, August 26, 2011 05:08
    • Marked as answer by Wenchao Zeng (Moderator) Thursday, September 1, 2011 08:43
  • Wednesday, August 24, 2011 16:31
     
     Answered

    @zwc2 is correct. However, you could create an OAuth 1 relying party and have it convert the token to OAuth2.

    Your RP (signin) -> ACS -> Your custom converter (302 redirect) -> Twitter Auth (get OAuth1) -> Your custom converter (convert oauth1 to oauth2)  -> ACS -> Your RP.

    Not the most elegant, but it might work.


    Developer Security MVP | www.steveonsecurity.com
  • Wednesday, August 24, 2011 17:36
     
     

    Steve,

    That would be awesome and sounds like a great community project for CodePlex. :)

    Eric


    Eric D. Boyd - Director, Chicago + Cloud at Centare 
    Blog | twitter
  • Wednesday, August 24, 2011 17:48
     
     
    Hmm...
    Developer Security MVP | www.steveonsecurity.com
  • Monday, November 14, 2011 08:28
     
     
    +1 for a way to make it work...
  • Monday, November 14, 2011 17:54
     
     

    It's important to put up such engineering messes, as a market hits its inflection point and goes commodity. What matters is that nothing stops mass adoption, including endless gateway chains. No one must feel excluded.

    Commoditization will soon remove the chaff. Too much gatewaying defeats the flexibility of the bridging-based open architecture, becoming an unsustainable support cost and fragile user experience.

    I have a simple cutoff point for IDPs - based on the number of support calls we receive (as SP). Once it hits X, the IDP is removed. I have no intention of adding Twitter back (even though we ran the gateway). We just cannot afford the cost of supporting users arriving from that channel.

  • Monday, February 20, 2012 16:33
     
     

    Here's a simple STS for twitter that you can plug into ACS:

    https://gist.github.com/1869974

    I've also put one up for Windows Live (includes name and email claims, extend as needed):

    https://gist.github.com/1867792

    Both are built off of the Thinktecture Starter STS (ported to MVC4).

    All you really need to do (aside from above) is attach the claims you need in GetOutputClaimsIdentity.

  • Tuesday, May 15, 2012 20:36
     
     

    I have this up and running.

    How do I integrate it with your code?

    Would you recommend using Thinktecture instead?

  • Tuesday, February 26, 2013 13:47
     
     
    Hi, if you could provide us with a sample application or detailed steps on how to plug the above custom Twitter STS into ACS, that will be really helpful...
  • Tuesday, February 26, 2013 14:23
     
     

    Hi,

    Has anyone got the solution to integrate Twitter in ACS?

    Please let me know if someone has resolved this or found a solution.

    Thanks,

    Komal Ahirwal

  • Tuesday, February 26, 2013 22:39
     
     
    At this time, the only way to make this work is to add your own custom STS that speaks a protocol ACS understands (such as WS-Federation or OpenID) as an identity provider in between ACS and Twitter. This requires a non-trivial amount of work, but it is certainly possible.
  • Tuesday, April 23, 2013 20:50
     
     

    I suppose this might be helpful for you: Twitter WS-Federation STS for ACS.

    It's an ASP.NET MVC app; just change the Web.config configuration settings and add it in the ACS Management portal as "WS-Federation identity provider". Metadata for it can be reached at /wsfederation/twittermetadata
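
A custom WS-Federation STS placed between ACS and Twitter, as the replies above describe, has to validate the sign-in request it receives and keep that context intact across the redirect to Twitter. The sketch below is an added example, not code from the linked gists or from any poster in this thread; the namespace `contoso-example`, the key, the function names, and the assumption that ACS sends `wtrealm`, `wreply` and `wctx` in this form are all constructed for illustration.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import parse_qs, urlsplit

# Constructed values for illustration: the ACS namespace this bridge STS serves.
ACS_REALM = "https://contoso-example.accesscontrol.windows.net/"
ACS_REPLY = ACS_REALM + "v2/wsfederation"
STATE_KEY = b"constructed-demo-key"   # load from a secret store in real use
STATE_TTL = 300                       # seconds allowed for the Twitter round trip

class SignInError(ValueError):
    """Raised when a request or state value must be rejected."""

def parse_signin(url):
    """Validate the WS-Federation sign-in request before redirecting to Twitter."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    # Repeated parameters are rejected so no two parsers can disagree on the value.
    if any(len(values) != 1 for values in query.values()):
        raise SignInError("duplicate parameter")
    p = {name: values[0] for name, values in query.items()}
    if p.get("wa") != "wsignin1.0":
        raise SignInError("unsupported wa")
    if p.get("wtrealm") != ACS_REALM:
        raise SignInError("unknown realm")
    # The token is only ever posted to the pinned ACS endpoint, never to a
    # caller-supplied address.
    if p.get("wreply", ACS_REPLY) != ACS_REPLY:
        raise SignInError("wreply not allowed")
    # wctx is opaque to the STS and must be returned to ACS unchanged.
    return {"wtrealm": ACS_REALM, "wreply": ACS_REPLY, "wctx": p.get("wctx", "")}

def _mac(body):
    return hmac.new(STATE_KEY, body, hashlib.sha256).hexdigest().encode()

def seal_state(ctx, now=None):
    """Pack the validated context into a MACed value carried on the oauth_callback URL."""
    issued = int(time.time() if now is None else now)
    body = base64.urlsafe_b64encode(json.dumps({"c": ctx, "t": issued}).encode())
    return (body + b"." + _mac(body)).decode()

def open_state(state, now=None):
    """Verify integrity and age of the state when Twitter redirects back."""
    body, _, mac = state.encode().partition(b".")
    if not hmac.compare_digest(mac, _mac(body)):
        raise SignInError("state tampered")
    data = json.loads(base64.urlsafe_b64decode(body))
    if int(time.time() if now is None else now) - data["t"] > STATE_TTL:
        raise SignInError("state expired")
    return data["c"]
```

The dictionary returned by `open_state` tells the STS where to post the sign-in response and which `wctx` to echo once the Twitter identity has been turned into claims.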