Hi!
I am trying to secure an ASP.NET 4.61 Web API with ADFS 3.0 and OAuth2.
The Web API is placed behind a Web Application Proxy (WAP) configured with pre-auth, claims aware and OAuth2.
With my bearer token I can pass the WAP, but the Web API says "unauthorised".
Are there any required claims that need to be set on the RP in ADFS to get the Web API authentication working?
I can also see that my bearer token is passed through the WAP to the Web API.
In my Startup.Auth & web.config
    app.UseActiveDirectoryFederationServicesBearerAuthentication(
        new ActiveDirectoryFederationServicesBearerAuthenticationOptions
        {
            MetadataEndpoint = ConfigurationManager.AppSettings["ida:AdfsMetadataEndpoint"],
            TokenValidationParameters = new TokenValidationParameters()
            {
                ValidAudience = ConfigurationManager.AppSettings["ida:Audience"]
            }
        });

    <add key="ida:AdfsMetadataEndpoint" value="https://adfs.xxxx.com/FederationMetadata/2007-06/FederationMetadata.xml" />
    <add key="ida:Audience" value="https://claims-test.xxx.com" />
In my API class
    [Authorize]
    public class ValuesController : ApiController
/Jonas
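
A troubleshooting sketch for the setup described above, added here and not part of the original post: it decodes the bearer token's payload without validating the signature and compares `aud` and the validity window with the value configured in `ida:Audience`. The class name `BearerTokenDiagnostics`, the use of the Newtonsoft.Json package, the `example.com` audience and the sample token are assumptions constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Newtonsoft.Json.Linq;

// Hypothetical helper: reads JWT claims for troubleshooting only.
// It does NOT verify the signature, so never use it to make an access decision.
public static class BearerTokenDiagnostics
{
    public static JObject DecodePayload(string jwt)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("Expected header.payload.signature");
        // base64url -> base64, then restore the stripped padding
        var b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        return JObject.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(b64)));
    }

    public static string[] Check(string jwt, string expectedAudience, DateTime utcNow)
    {
        var p = DecodePayload(jwt);
        var aud = p["aud"];
        // "aud" may be a single string or an array of strings
        var audiences = aud == null ? new string[0]
            : aud.Type == JTokenType.Array ? aud.Select(a => (string)a).ToArray()
            : new[] { (string)aud };
        var problems = new List<string>();
        // Strict ordinal comparison, so a trailing slash or case difference is reported
        if (!audiences.Contains(expectedAudience, StringComparer.Ordinal))
            problems.Add("aud [" + string.Join(", ", audiences) + "] != " + expectedAudience);
        var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
        if (p["exp"] == null || epoch.AddSeconds((long)p["exp"]) <= utcNow)
            problems.Add("token expired or exp missing");
        if (p["nbf"] != null && epoch.AddSeconds((long)p["nbf"]) > utcNow)
            problems.Add("token not yet valid (nbf)");
        return problems.ToArray();
    }

    public static void Main()
    {
        // Constructed, unsigned sample token (placeholder signature), not a real ADFS token
        var payload = "{\"aud\":\"https://claims-test.example.com/\",\"exp\":4102444800}";
        var jwt = "e30." + Convert.ToBase64String(Encoding.UTF8.GetBytes(payload))
            .TrimEnd('=').Replace('+', '-').Replace('/', '_') + ".sig";
        foreach (var line in Check(jwt, "https://claims-test.example.com", DateTime.UtcNow))
            Console.WriteLine(line);
    }
}
```

An empty result only means the audience and lifetime match; the middleware also validates the issuer and the signature against the keys published at the metadata endpoint.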