Windows Azure AppFabric Access Control Service (ACS) v2 – Programmatically Adding OpenID as an Identity Provider Using Management Service
Adding OpenID as an identity provider using the Windows Azure AppFabric Access Control Service (ACS) v2 Management Service is broadly similar to the procedures outlined in the following posts:
- Windows Azure AppFabric Access Control Service (ACS) v2 – Programmatically Adding Facebook as an Identity Provider Using Management Service
- Windows Azure AppFabric Access Control Service v2 - Adding Identity Provider Using Management Service (AD FS 2.0)
The key differences are as follows:
- Change protocol type to OpenID
    // Create Identity Provider
    IdentityProvider identityProvider = new IdentityProvider()
    {
        DisplayName = identityProviderName,
        Description = identityProviderName,
        WebSSOProtocolType = "OpenId",
        IssuerId = issuer.Id
    };
    svc.AddObject("IdentityProviders", identityProvider);
- Remove code related to IdentityProviderKey altogether
- Update the sign-in address to match your OpenID provider
    // Register the OpenID provider's sign-in endpoint
    IdentityProviderAddress signInAddress = new IdentityProviderAddress()
    {
        Address = "https://www.myopenid.com/server",
        EndpointType = "SignIn",
        IdentityProvider = identityProvider,
    };
    svc.AddRelatedObject(identityProvider, "IdentityProviderAddresses", signInAddress);
- Another caveat applies when creating rules using the Management Portal: you cannot auto-generate rules. Instead, manually create at least one pass-through rule so that all incoming claims from your OpenID provider will be available. If you do not create at least one rule, ACS v2 will fail to generate a security token.
Related Info
- Windows Azure AppFabric Access Control Service (ACS) v2 – Programmatically Adding Facebook as an Identity Provider Using Management Service
- Windows Azure AppFabric Access Control Service v2 - Adding Identity Provider Using Management Service (AD FS 2.0)
- Windows Identity Foundation (WIF) and Azure AppFabric Access Control (ACS) Service Survival Guide
- Videos: Windows Azure Security Essentials For Decision Makers, Security Architecture, Access, and Secure Development
- Video: What’s Windows Azure AppFabric Access Control Service (ACS) v2?
- Video: What Windows Azure AppFabric Access Control Service (ACS) v2 Can Do For Me?
- Video: Windows Azure AppFabric Access Control Service (ACS) v2 Key Components and Architecture
- Video: Windows Azure AppFabric Access Control Service (ACS) v2 Prerequisites