Code sample needs to define what the configuration object is

[SvdSinner]

The code samples refer to a Configuration object but do not define what it is. Obviously it references some configuration values, but it doesn't provide any perspective on what those values should be to get ADFS to work.

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: 59d6d442-8d46-3f9e-e75a-ad9d900fc117
• Version Independent ID: d07c4058-452f-cdac-c59d-8f09e70a43f3
• Content: Authenticate users with WS-Federation in ASP.NET Core
• Content Source: aspnetcore/security/authentication/ws-federation.md
• Product: aspnet-core
• Technology: aspnetcore-security
• GitHub Login: @chlowell
• Microsoft Alias: scaddie

[Rick-Anderson]

I agree, that could use more information. See https://blog.matrixpost.net/set-up-active-directory-federation-services-ad-fs-5-0-claim-aware-web-applications-create-an-asp-net-core-web-application-mvc-part-5/

 // WS-Federation Code
            services.AddAuthentication()
            .AddWsFederation(options =>
            {
            // MetadataAddress represents the Active Directory instance used to authenticate users.
            options.MetadataAddress = "https://<ADFS FQDN or AAD tenant>/FederationMetadata/2007-06/FederationMetadata.xml";

            // Wtrealm is the app's identifier in the Active Directory instance.
            // For ADFS, use the relying party's identifier, its WS-Federation Passive protocol URL:
            options.Wtrealm = "https://localhost:44307/";

            // For AAD, use the Application ID URI from the app registration's Overview blade:
            options.Wtrealm = "api://bbd35166-7c13-49f3-8041-9551f2847b69";
            });
            // End WS-Federation Code

[Rick-Anderson]

@codemillmatt can you recommend a cloud advocate to review this issue and recommend updates?

[codemillmatt]

@joey-snow - do you know who would be the best person in the Identity team to help give expertise on this?