Any suggestion on how to skip the selection of login url (home realm?)
http://www.cloudidentity.com/blog/2014/11/17/skipping-the-home-realm-discovery-page-in-azure-ad/
In OAuth2 and OpenId Connect you do so by passing the target domain in the “domain_hint” parameter. In ADAL you can pass it via the following:
    AuthenticationResult ar =
        ac.AcquireToken("https://developertenant.onmicrosoft.com/WebUXplusAPI",
            "71aefb3b-9218-4dea-91f2-8b23ce93f387",
            new Uri("http://any"), PromptBehavior.Always,
            UserIdentifier.AnyUser, "domain_hint=mydomain.com");
In the OWIN middleware for OpenId Connect you can do the same in the RedirectToIdentityProvider notification:
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = authority,
            PostLogoutRedirectUri = postLogoutRedirectUri,
            Notifications = new OpenIdConnectAuthenticationNotifications()
            {
                RedirectToIdentityProvider = (context) =>
                {
                    context.ProtocolMessage.DomainHint = "mydomain.com";
                    return Task.FromResult(0);
                },
            }
        });
Finally, in WS-Fed you do the following:
    app.UseWsFederationAuthentication(
        new WsFederationAuthenticationOptions
        {
            Notifications = new WsFederationAuthenticationNotifications
            {
                RedirectToIdentityProvider = (context) =>
                {
                    // whr is the WS-Federation home realm parameter
                    context.ProtocolMessage.Whr = "mydomain.com";
                    return Task.FromResult(0);
                }
            }
        });
So, if you are using ADAL js, just add to your ADAL init:
    extraQueryParameter: 'domain_hint=yourCompany.com'
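
When the hint is derived from what the user typed rather than hard-coded, the value should be validated before it is placed in the query string. The following is an added example, not code from the answer above or from ADAL; `buildDomainHint`, `domainFromLogin` and the allow-list contents are hypothetical names and constructed sample values.

```javascript
// Added example. The allow-list holds constructed sample domains; replace it
// with the tenants your application actually federates with.
const ALLOWED_DOMAINS = new Set(['mydomain.com', 'yourcompany.com']);

// Conservative hostname syntax check: dot-separated labels of letters, digits
// and hyphens. Rejects '&', '=', '#', spaces and anything else that could
// smuggle a second query parameter into the authorize request.
const HOSTNAME_RE =
  /^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$/;

// Extract the part after the last '@' of a login name, lower-cased.
function domainFromLogin(login) {
  if (typeof login !== 'string') return null;
  const at = login.lastIndexOf('@');
  if (at < 1 || at === login.length - 1) return null;
  return login.slice(at + 1).trim().toLowerCase();
}

// Returns a string suitable for extraQueryParameter, or '' when no safe hint
// can be produced (the user then sees the normal home realm discovery page).
function buildDomainHint(login) {
  const domain = domainFromLogin(login);
  if (!domain || !HOSTNAME_RE.test(domain) || !ALLOWED_DOMAINS.has(domain)) {
    return '';
  }
  return 'domain_hint=' + encodeURIComponent(domain);
}

// Usage with the ADAL js setting shown above:
//   extraQueryParameter: buildDomainHint(userTypedLogin)
```

The hint only selects which sign-in page is shown; it does not restrict who can sign in, so the application still has to validate the issuer of the token it receives.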