locked
How to get Live ID Claim information from Hash value returned by Windows Live ID? RRS feed

  • Question

  • Hi,

    We have used Azure App Fabric ACS as the Federation service for our application. We are using Windows Live Id as "Identity Provider" for our application, we used this as Rule for the application.

    Our application is going successful to Live Id authentication and comes back to our application and  received the claims. We now want to get the Live ID claim information provided as nameidentifier (which is always provided as hash value) from hash value. Please do the needful in provide the required information.

    What way we can get the required information?

    Thanks,


    VDeevi
    Wednesday, September 29, 2010 1:07 PM

Answers

  • Hi,

    For LiveId, the NameIdentifier is an unreversable hash of the user's Live PUID and is therefore not usable to get more information.  This behavior is due to Windows Live privacy requirements. Currently one possible workaround is to manually add mapping rules to map the hash code to a specific username on ACS labs portal.


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. Windows Azure Platform China Blog: http://blogs.msdn.com/azchina/default.aspx
    Friday, October 1, 2010 6:29 AM

All replies

  • This should probably be in the Security for Windows Azure forum.

    It is a while since I looked at this but I presume you would need to passthrough the original Live Id claims when you configure the claims on ACS. If memory serves, and in this case it may not, in the CTP this was possible initially but then the system was changed so it was no longer possible. Regardless, it should be a simple ACS claims configuration issue provided the powers that be have not expressly prohibited it - as was the case early this year. You need to check the documentation for the current version of ACS.

    Wednesday, September 29, 2010 3:29 PM
    Answerer
  • Hi Neil,

    Thanks for your reply, currently we are using ACS of Sept 2010 version of App Fabric ACS for our application. we have configured our ACS Service from https://portal.appfabriclabs.com site for our application to understand about using ACS as our Federation Service to configure our application as claims aware application using ACS Federation Services.

    To this, we are using out-of-box feature of ACS Identity Providers i.e. Windows Live ID. Please do the needful in providing required information.

     

    Thanks,


    VDeevi
    Wednesday, September 29, 2010 3:37 PM
  • Hi,

    For LiveId, the NameIdentifier is an unreversable hash of the user's Live PUID and is therefore not usable to get more information.  This behavior is due to Windows Live privacy requirements. Currently one possible workaround is to manually add mapping rules to map the hash code to a specific username on ACS labs portal.


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. Windows Azure Platform China Blog: http://blogs.msdn.com/azchina/default.aspx
    Friday, October 1, 2010 6:29 AM