Answered by:
Authenticate Web Users with Azure Active Directory Access Control

Question
-
I followed the article at http://azure.microsoft.com/en-us/documentation/articles/active-directory-dotnet-how-to-use-access-control/ to the lettre, which successfully executes and displays correctly but it does not indicate how to get specific information from the claim such as the nameidentifier or the email. I tried several syntx to get properties or values for nameidentifier and others but everytime getting a different runtime or compile errors.
Can you provide a snippet of code on how it is possible to extract specific propertie from the claim in the code behind (Homecontroller)
Thanks
- Moved by Jack Zhai-MSFTMicrosoft contingent staff Friday, November 21, 2014 5:19 AM
Thursday, November 20, 2014 1:41 PM
Answers
-
Hi,
Apologies for addressing this issue so late.
As of now it is not possible to get specific information from the claim such as the nameidentifier or the email.
The name identifier differs per ACS namespace. That was an intentional design choice to prevent multiple websites from collaborating and tracking users.
However You can use ADFS in chain with ACS to inject more claims.
You might want to refer the below listed links for more insight on this topic.
http://msdn.microsoft.com/en-us/library/hh446535.aspx
Hope this helps!
Let me know if you have any concerns.
Best Regards,
- Proposed as answer by SadiqhAhmed-MSFTMicrosoft employee Thursday, December 4, 2014 4:05 PM
- Marked as answer by SadiqhAhmed-MSFTMicrosoft employee Tuesday, December 9, 2014 3:12 PM
Thursday, December 4, 2014 4:05 PM
All replies
-
Hi eliassal,
I am moving your thread into the Azure Active Directory Forum for dedicated support. Thanks for your understanding.
Best Regards,
Jack
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click HERE to participate the survey.Friday, November 21, 2014 5:18 AM -
Hi,
Apologies for addressing this issue so late.
As of now it is not possible to get specific information from the claim such as the nameidentifier or the email.
The name identifier differs per ACS namespace. That was an intentional design choice to prevent multiple websites from collaborating and tracking users.
However You can use ADFS in chain with ACS to inject more claims.
You might want to refer the below listed links for more insight on this topic.
http://msdn.microsoft.com/en-us/library/hh446535.aspx
Hope this helps!
Let me know if you have any concerns.
Best Regards,
- Proposed as answer by SadiqhAhmed-MSFTMicrosoft employee Thursday, December 4, 2014 4:05 PM
- Marked as answer by SadiqhAhmed-MSFTMicrosoft employee Tuesday, December 9, 2014 3:12 PM
Thursday, December 4, 2014 4:05 PM -
I'm marking the above post as answer. Please write back or create a new forum post if you need further assistance.
Regards,
Sadiqh Ahmed
Monday, December 8, 2014 6:25 PM