Are any other claims available from Windows Live ID via the ACS 2.0 identity provider?

依然范特西╮ 提交于 2020-01-03 11:38:04

问题


I understand that currently the default Windows Live ID identity provider in ACS 2.0, only provides two claims the nameidentifier (a base64 unique id associated with the user and your application, but useless for describing someone) and the identityprovider claim which lets you know that your talking with LiveID. I was wondering is it possible to configure an alternative identity provider for Window Live ID that could provide Name and other Live ID profile information via additional claims.

Thanks, -Patrick


回答1:


You can't get anything but the nameidentifier and identityprovider claims using the Window's Live Identity Provider. http://msdn.microsoft.com/en-us/library/gg185944.aspx

The other providers available to Azure ACS 2.0 are all listed in detail from this link. http://msdn.microsoft.com/en-us/library/gg185971.aspx

FYI - Google & Yahoo as IP's provide additional but optional claims emailaddress & name. So you could also retrieve as an example, John Doe & john.doe@gmail.com.

Note, that using these two optional claims will prompt the user they will be exposed to your services when logging in for the first time. At which time the user can cancel the operation. I recommend you only get the claims you really need as it may scare off potential users.




回答2:


I have investigated this before and found that the direct answer is no.

You can however use ADFS in chain with ACS to inject more claims.

It seems that the LiveId setup allows you to post a token to get info like

{
   "id": "b6b2a7e8f2515e5", 
   "name": "Apurva Dalia", 
   "first_name": "Apurva", 
   "last_name": "Dalia", 
   "gender": null, 
   "link": "http://cid-b6b2a7e8f2515e5.profile.live.com/", 
   "locale": "en_US", 
   "updated_time": "2011-10-26T21:13:05+0000"
}

If this is true, than you can inject this info to the caller.

See Server Side scenarios of the Live SDK.

From another Microsoft site:

For example, the following GET request, without any access token specified, would return the user's public profile information. https://apis.live.net/v5.0/8c8ce076ca27823f

The information returned by Windows Live would look like the following.

"id": "8c8ce076ca27823f", "name": "Roberto Tamburello",
"first_name": "Roberto",
"last_name": "Tamburello",
"gender": null, "locale": "en_US"



来源:https://stackoverflow.com/questions/6391406/are-any-other-claims-available-from-windows-live-id-via-the-acs-2-0-identity-pro

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!