How To: Use AD FS Endpoints When Developing Claims Aware WCF Services Using WIF

Article
09/30/2011

This post is based on WIF Built-in Bindings Overview and AD FS Endpoints. This information should provide a more cohesive view for developers when developing claims aware WCF services using AD FS and WIF.

There are 30 scenarios here. Working on guidance when to use what.

WS-Trust 1.3 endpoints

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/windows	Trust13WindowsMessage
WindowsWSTrustBinding windowsTrust13MessageBinding = new WindowsWSTrustBinding();

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/windowsmixed	Trust13WindowsMixed
WindowsWSTrustBinding windowsTrust13MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential);

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/windowstransport	Trust13WindowsTransport
WindowsWSTrustBinding windowsTrust13TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport);

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/certificate	Trust13CertificateMessage
CertificateWSTrustBinding certificateTrust13MessageBinding = new CertificateWSTrustBinding();

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/certificatemixed	Trust13CertificateMixed
CertificateWSTrustBinding certificateTrust13MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential);

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/certificatetransport	Trust13CertificateTransport
CertificateWSTrustBinding certificateTrust13TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport);

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/username	Trust13UserNameMessage
UserNameWSTrustBinding userNameTrust13MessageBinding = new UserNameWSTrustBinding();

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/usernamemixed	Trust13UserNameMixed
UserNameWSTrustBinding userNameTrust13MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/usernamebasictransport	Trust13UserNameBasicTransport
UserNameWSTrustBinding userNameTrust13TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic);

AD FS Endpoint	WCF Binding
N/A	Trust13UserNameDigestTransport
UserNameWSTrustBinding userNameTrust13TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest);

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/kerberosmixed	Trust13KerberosMixed
KerberosWSTrustBinding kerberosTrust13MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential);

WS-Trust 1.3 Issued Token endpoints

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/issuedtokenasymmetricbasic256	Trust13IssuedTokenAsymmetricBasic256
IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256	Trust13IssuedTokenMixedAsymmetricBasic256
IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey;

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256	Trust13IssuedTokenMixedSymmetricBasic256
IssuedTokenWSTrustBinding issuedTokenBinding = new IssuedTokenWSTrustBinding(); issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential;

AD FS Endpoint	WCF Binding
/adfs/services/trust/13/issuedtokensymmetricbasic256	Trust13IssuedTokenSymmetricBasic256

WS-Trust 2005 endpoints

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/windows	TrustFeb2005WindowsMessage
WindowsWSTrustBinding windowsTrustFeb2005MessageBinding = new WindowsWSTrustBinding(); windowsTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/windowsmixed	TrustFeb2005WindowsMixed
WindowsWSTrustBinding windowsTrustFeb2005MixedBinding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential); windowsTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/windowstransport	TrustFeb2005WindowsTransport
WindowsWSTrustBinding windowsTrustFeb2005TransportBinding = new WindowsWSTrustBinding(SecurityMode.Transport); windowsTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/certificate	TrustFeb2005CertificateMessage
CertificateWSTrustBinding certificateTrustFeb2005MessageBinding = new CertificateWSTrustBinding(); certificateTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/certificatemixed	TrustFeb2005CertificateMixed
CertificateWSTrustBinding certificateTrustFeb2005MixedBinding = new CertificateWSTrustBinding(SecurityMode.TransportWithMessageCredential); certificateTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/certificatetransport	TrustFeb2005CertificateTransport
CertificateWSTrustBinding certificateTrustFeb2005TransportBinding = new CertificateWSTrustBinding(SecurityMode.Transport); certificateTrustFeb2005TransportBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/username	TrustFeb2005UserNameMessage
UserNameWSTrustBinding userNameTrustFeb2005MessageBinding = new UserNameWSTrustBinding(); userNameTrustFeb2005MessageBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/usernamemixed	TrustFeb2005UserNameMixed
UserNameWSTrustBinding userNameTrustFeb2005MixedBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential); userNameTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/usernamebasictransport	TrustFeb2005UserNameBasicTransport
UserNameWSTrustBinding userNameTrustFeb2005TransportBasicBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Basic); userNameTrustFeb2005TransportBasicBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
	TrustFeb2005UserNameDigestTransport
UserNameWSTrustBinding userNameTrustFeb2005TransportDigestBinding = new UserNameWSTrustBinding(SecurityMode.Transport, HttpClientCredentialType.Digest); userNameTrustFeb2005TransportDigestBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/kerberosmixed	TrustFeb2005KerberosMixed
KerberosWSTrustBinding kerberosTrustFeb2005MixedBinding = new KerberosWSTrustBinding(SecurityMode.TransportWithMessageCredential); kerberosTrustFeb2005MixedBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

WS-Trust 2005 Issued Token endpoints

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/issuedtokenasymmetricbasic256	TrustFeb2005IssuedTokenAsymmetricBasic256
issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256	TrustFeb2005IssuedTokenMixedAsymmetricBasic256
issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.KeyType = SecurityKeyType.AsymmetricKey; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256	TrustFeb2005IssuedTokenMixedSymmetricBasic256
issuedTokenBinding.SecurityMode = SecurityMode.TransportWithMessageCredential; issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;

AD FS Endpoint	WCF Binding
/adfs/services/trust/2005/issuedtokensymmetricbasic256	TrustFeb2005IssuedTokenSymmetricBasic256
issuedTokenBinding.TrustVersion = TrustVersion.WSTrustFeb2005;