Azure-Samples / active-directory-dotnet-webapp-wsfederation

A .NET MVC web application that uses WS-Federation to sign in users from a single Azure Active Directory tenant, using the ASP.NET WS-Federation OWIN middleware.
MIT License

What about client secret #9

Open NicklausBrain opened 6 years ago

NicklausBrain commented 6 years ago

How do I use this sample when custom claims mapping is configured and Azure AD demands that the application have a secret key? How do I use ida:ClientID and ida:Password?

jmprieur commented 6 years ago

  1. In the Azure portal where you have registered your application, choose your application, click on Settings and choose Properties.
  2. Find the Application ID value and copy it to the clipboard. This is the ida:ClientID.
  3. From the Settings menu, choose Keys and add a key - select a key duration of either 1 year or 2 years. When you save this page, the key value will be displayed; copy and save the value in a safe location - you will need this key later to configure the project in Visual Studio as the ida:Password. Note that this key value will not be displayed again, nor retrievable by any other means, so please record it as soon as it is visible from the Azure Portal.

NicklausBrain commented 6 years ago

Thanks, but it isn't clear how to include them in WsFederationAuthenticationOptions. I saw an appropriate example for OpenIdConnectAuthenticationOptions, but for WS-Federation I have found no examples yet...

brentschmaltz commented 6 years ago

@NicklausBrain what do you need the secret key for?

NicklausBrain commented 6 years ago

Well, there is an issue with Azure AD. It demands that you provide a secret when you create a custom claims mapping. If you send no secret key you'll receive: “AADSTS50146: This application is required to be configured with an application-specific signing key”. The problem is that it is unclear how to provide this secret when you use WS-Federation...