I’m having trouble getting my app to allow authentication to an enterprise-hosted ADFS system. I think I have isolated the issue to a wrongly named realm I’m trying to use, though the issue might be elsewhere too.
Let me tell you what works:
- I’ve set up an ADFS connection and configured it properly. If I try “test connection” in the auth0.com control panel, it claims that everything is working. The connection name is ADFSConn.
- If I manually test my application’s WSFederation Sign-In URL, it seems to work.
- I have enabled the username/password database as well as the ADFS connection for my application. My test users reside in the user/pass database. When I log in with my test users, the login works.
Steps 1, 2 and 3 above produce correct logging in the auth0.com dashboard, which I can verify.
So, what does not work then?
I created a custom login page in “Hosted Pages” and use auth0.js to do the magic.
- When I invoke webAuth.login() with username, password and realm=“Username-Password-Authentication”, the login works, and it correctly verifies credentials against my test users there. (This solution does not accept ADFS user credentials.)
- When I invoke with realm=“ADFSConn”, I get the error “400: Not supported connection”.
- When I invoke with realm=“urn:auth0:ADFSConn”, I get the error “404: Connection not found”.
Hence, my problem is that I’ve not yet succeeded in writing a hosted login page which would allow my ADFS users to log in (and I suspect I just define my realm in the wrong format).
Also, I’m unsure whether I can allow both my test users (user/pass database) and ADFS users to log in via the same page transparently.