ADFS client side authentication (part 1)


In version 8.3 and later it is not required that you update the ServiceAPI itself to support OAuth as it will support it by default.  As long as you send the Bearer token in the Authentication header and set up the <authentication> element in hptrim.config.


In this video I configure the ServiceAPI  to force it to use my ADFS instance for authentication for client side applications.  This is achieved by using the OWIN framework to enable OAuth2 in the ServiceAPI instance.  I also look briefly at what is required on the ADFS side to make all this work.

The Code

Here are the resources I used in the video:

  • The downloadable DLLs
  • The source  code

The command I used to create the ADFS client:

Add-ADFSClient -Name "MySAPIClient" -ClientId "A1CF1107-FF90-4228-93BF-26052DD2C714" -RedirectUri "https://davidc2012.trim.lab/HPRMServiceAPI/"
Written on September 24, 2015