Login/Register
Are any other claims available from Windows Live ID via the ACS 2.0 identity provider?
Asked Answered
windowswindows-live-idacs
I

2

6

I understand that currently the default Windows Live ID identity provider in ACS 2.0, only provides two claims the nameidentifier (a base64 unique id associated with the user and your application, but useless for describing someone) and the identityprovider claim which lets you know that your talking with LiveID. I was wondering is it possible to configure an alternative identity provider for Window Live ID that could provide Name and other Live ID profile information via additional claims.

Thanks, -Patrick

Incurrence answered 17/6, 2011 at 20:25 Comment(0)
G
3

You can't get anything but the nameidentifier and identityprovider claims using the Window's Live Identity Provider. http://msdn.microsoft.com/en-us/library/gg185944.aspx

The other providers available to Azure ACS 2.0 are all listed in detail from this link. http://msdn.microsoft.com/en-us/library/gg185971.aspx

FYI - Google & Yahoo as IP's provide additional but optional claims emailaddress & name. So you could also retrieve as an example, John Doe & [email protected].

Note, that using these two optional claims will prompt the user they will be exposed to your services when logging in for the first time. At which time the user can cancel the operation. I recommend you only get the claims you really need as it may scare off potential users.

Gerick answered 25/11, 2012 at 4:20 Comment(0)
C
1

I have investigated this before and found that the direct answer is no.

You can however use ADFS in chain with ACS to inject more claims.

It seems that the LiveId setup allows you to post a token to get info like

{
   "id": "b6b2a7e8f2515e5", 
   "name": "Apurva Dalia", 
   "first_name": "Apurva", 
   "last_name": "Dalia", 
   "gender": null, 
   "link": "http://cid-b6b2a7e8f2515e5.profile.live.com/", 
   "locale": "en_US", 
   "updated_time": "2011-10-26T21:13:05+0000"
}

If this is true, than you can inject this info to the caller.

See Server Side scenarios of the Live SDK.

From another Microsoft site:

For example, the following GET request, without any access token specified, would return the user's public profile information. https://apis.live.net/v5.0/8c8ce076ca27823f

The information returned by Windows Live would look like the following.

"id": "8c8ce076ca27823f", "name": "Roberto Tamburello",
"first_name": "Roberto",
"last_name": "Tamburello",
"gender": null, "locale": "en_US"

Chil answered 24/6, 2011 at 14:48 Comment(1)
where the hash after the v5.0/ is the nameidentifier? I tried it with mine with no successAlphonse

© 2022 - 2024 — McMap. All rights reserved.