This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 17%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECD%3C/text%3E%3C/svg%3E)
I am trying to connect my node.js application to ADFS, so that when a user logins in through ADFS it sends me the user's details (like whether he is an Admin, a regular user, or a privileged user). Can someone tell me if ADFS offers to store custom user details like that and send them back to my server when the user log's in so that I may know what level of access to grant the user?
When using an attribute store, the call is made in the context of the ADFS service account. The user doesn't need permission on the store.
The store could be a SQL database, an LDAP server, or a custom DLL. But if the information is stored on the user account in AD, you can simply extract and send it at token issuance using an issuance rule.
AD FS offers this functionality.
You can either: