Tags: oauth, active-directory, saml, adfs, auth0

Auth0 ADFS - Can't Find Federation Metadata URL - Next Steps


This post became much longer than anticipated. TL;DR: Where is my ADFS Federation Metadata located on my server? My overall task is to set up a test ADFS server in order to integrate our current application with ADFS.

Hello, I'm trying to integrate our application with ADFS (it's a WPF application with a NodeJS backend), and I'm testing out Auth0 for this job (but if there are other simple solutions, I would be open to that as well; I've found no good guides so far ): especially as a developer with no AD experience).

Regardless, I think I've set up a single-server AD FS environment (locally as server1.local, with AD CS, AD DS and AD FS, and that same server is the domain controller/DNS server) and set up an Auth0 relying party using this guide:

https://auth0.com/docs/connections/enterprise/adfs

In the next steps part, it says: try these quickstart guides. So I've downloaded the Angular2 quick start example project to test. But when I go to the enterprise connections and try to set up an ADFS connection, it asks for an ADFS URL:

You can either provide the ADFS URL or upload the federation metadata file.

But I can't seem to find my ADFS URL. Not only that, my server is local, so it wouldn't be able to use my URL anyway, right? Can I just upload the metadata instead?

I've tried going to https://server1.local/federationmetadata/2007-06/federationmetadata.xml, https://127.0.0.1/FederationMetadata/2007-06/FederationMetadata.xml and https://localhost/FederationMetadata/2007-06/FederationMetadata.xml (that is the one shown under Endpoints), but IE says:

Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://server1.local again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

I've enabled TLS 1.0, 1.1 and 1.2 and this still doesn't seem to give me my metadata. I've also tried that URL in Chrome and it gives a generic "This site can't be reached".

How do I get my metadata?


Solution

  • In the ADFS configuration, look for what you configured as your federation service name.

    Use this in the URL.

    https://<federation service name>/federationmetadata/2007-06/federationmetadata.xml

    BTW the federation service name should not be the FQDN of the server.
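
As an added illustration of the answer above (not code from the original post or from Auth0), the following PowerShell, run on the AD FS server itself with the ADFS module loaded, reads the configured federation service name, builds the metadata URL from it, fetches the document over TLS 1.2, and lists the entityID and token-signing certificate(s) that a relying party such as Auth0 will consume. It assumes the federation service name resolves in DNS and that the service-communications certificate carries that name; the `fs.example.com` comparison in the comments is a hypothetical value.

```powershell
# Added example; assumes it runs on the AD FS server with the ADFS module available.
# Goal: locate the federation service name and confirm the metadata it publishes.

# Force TLS 1.2 for the client request. The browser error in the question was a
# TLS negotiation failure, not a missing endpoint.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

# The federation service name is an AD FS property, not the machine's hostname
# (they usually differ, e.g. fs.example.com vs server1.local).
$fsName      = (Get-AdfsProperties).HostName
$metadataUrl = "https://$fsName/FederationMetadata/2007-06/FederationMetadata.xml"
Write-Host "Federation service name: $fsName"
Write-Host "Metadata URL:            $metadataUrl"

# The name must resolve to this server; a lab normally needs a DNS A record
# (or a hosts-file entry on the client) before the URL works at all.
Resolve-DnsName -Name $fsName -ErrorAction Stop | Out-Null

# The metadata endpoint is anonymous over HTTPS. Invoke-WebRequest validates the
# TLS certificate, so the service-communications cert must contain $fsName.
$response = Invoke-WebRequest -Uri $metadataUrl -UseBasicParsing
[xml]$md  = $response.Content

# Namespaces used by the SAML metadata document.
$ns = New-Object System.Xml.XmlNamespaceManager($md.NameTable)
$ns.AddNamespace('md', 'urn:oasis:names:tc:SAML:2.0:metadata')
$ns.AddNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#')

# entityID is what the relying party will trust as the issuer.
$entityId = $md.DocumentElement.GetAttribute('entityID')
Write-Host "entityID: $entityId"

# Published token-signing certificates, compared against what AD FS is configured
# to sign with, so a stale or unexpected cert in the metadata stands out.
$configured = (Get-AdfsCertificate -CertificateType Token-Signing).Thumbprint
$xpath = "//md:IDPSSODescriptor/md:KeyDescriptor[@use='signing']/ds:KeyInfo/ds:X509Data/ds:X509Certificate"
foreach ($node in $md.SelectNodes($xpath, $ns)) {
    $raw  = [Convert]::FromBase64String($node.InnerText.Trim())
    $cert = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList (,$raw)
    $status = if ($configured -contains $cert.Thumbprint) { 'matches AD FS config' } else { 'NOT in AD FS config' }
    Write-Host ("Token-signing cert: {0}  thumbprint {1}  expires {2}  [{3}]" -f `
        $cert.Subject, $cert.Thumbprint, $cert.NotAfter, $status)
}
```

If `Get-AdfsProperties` returns a HostName that differs from the server's FQDN, that HostName is the value to put in the URL (and in the Auth0 "ADFS URL" field); if the TLS step fails, the certificate bound to the AD FS HTTPS endpoint does not cover that name.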