How to use the ADFS interface to obtain secure token?

Shizeng SZ5 Liu | 刘士增 20 Reputation points
2023-05-05T07:45:12.36+00:00

I want to makes a seurity token request to the corporate ADFS proxy usernamemixed endpoint using the user's corporate credentials. The logon token is used to talk to MSO STS to get an O365 service token that can then be used to sign into SPO.

The corporate ADFS proxy endpoint that issues SAML seurity tokens given username/password credentials.

Generate the WS-Trust security token request SOAP message passing in the user's corporate credentials and the site we want access to. We send the token request to the corporate ADFS proxy usernamemixed endpoint.

The result is ID3242: Failed to authenticate or authorize security token

The Web API is :/adfs/services/trust/2005/usernamemixed/.

Please help me chek what the problem is?

Thanks.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
4,140 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
10,071 questions
0 comments No comments
{count} votes

Accepted answer
  1. RaytheonXie_MSFT 32,726 Reputation points Microsoft Vendor
    2023-05-05T09:10:11.26+00:00

    Hi @Shizeng SZ5 Liu | 刘士增

    Per my research, It looks like either the username or password passed in the credentials are incorrect. As you are getting token, after decoding it check the audience is valid, and see if it is either clientId or appId uri.

    enter image description here

    Here is a similar issue with yours, please make a refernece

    https://github.com/Azure/azure-cli/issues/21050


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful