Azure AD and artifact resolution services


  • Hi,

    My question is about SAML Single Sign On in Azure AD and Artifact Resolution Services.

    We have a SAML application (using openSAML v2) and would like to test in Azure AD so I created a trial account.
    We are currently using SSO circle as an Identity Provider (IDP). It's meta data specifies an Artifact resolution service, e.g.

    <ArtifactResolutionService Location="" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" isDefault="true" index="0"/>

    Our Single Sign on servlet receives an artifact from SSO circle IDP. We then call the Artifact Resolution Service above to get an Artifact Response. This response contains the Assertions.

    When setting up our application in Azure AD I was looking for something similar but couldn't find it.

    Does Azure AD use artifact resolution or does it send Assertions directly?


    Tuesday, March 14, 2017 12:19 PM

All replies

  • ADFS configuration databases with Microsoft SQL Server would support SAML Artifact Resolution and SAML/WS-Fedaration token replay detecttion. You can refer to the following documents for details:

    1. Office 365 Single Sign-on with ADFS
    2. AD FS 2.0 Step-by-Step Guide: Federation with Ping Identity PingFederatec

    Wednesday, March 15, 2017 7:48 AM
  • I just wanted to follow up on this question...the previous reply references ADFS documentation, but the original question was about Azure AD, which isn't exactly the same thing as ADFS.  To reiterate the same question above, apart from actual on-premise ADFS implementation, and apart from running a server on Azure with the actual ADFS role installed, does Azure AD alone support artifact resolution/provide an artifact resolution service?

    Thanks for any insight or direction anyone here can provide.

    Tuesday, September 5, 2017 11:32 PM