Feb 24

How to add Hyves or OpenID provider to Azure Active Directory

How to add an OpenID provider (like Hyves) to the Azure Active Directory

  • If not done already, install Windows Azure PowerShell
  • Install the Azure cmdlets
  • Start Windows Azure PowerShell with administrator privileges
  • Enter this command:  Set-ExecutionPolicy RemoteSigned
  • Select Yes to change the execution policy
  • Configure the Windows Azure connection from your PC with these commands in PowerShell:
    • add-pssnapin WAPPSCmdlets
    • Get-AzurePublishSettingsFile
    • Internet Explorer opens and starts downloading the publish settings file (you might need to sign in)
    • Import-AzurePublishSettingsFile <mysetting>.publishsettings
    • (if needed set the default subscription)
    • $mySubID = "<subscriptionID>"
    • (a subscription ID looks like: 6a5225e2-4cbb-423e-8a23-1fd1b92243c5)
    • $certThumbprint = "<Thumbprint>"
    • $myCert = Get-Item cert:\CurrentUser\My\$certThumbprint
    • $mySubName = "<SubscriptionName>"
    • Set-AzureSubscription -SubscriptionName $mySubName -Certificate $myCert -SubscriptionID $mySubID
    • Select-AzureSubscription -SubscriptionName $mySubName
    • Add-IdentityProvider -Namespace "<YOUR Azure AD NAMESPACE>" -ManagementKey "<YOUR MANAGEMENTKEY>" -Type "Manual" -Name "Hyves" -Protocol OpenId -SignInAddress https://openid.hyves-api.nl
    • Add-Rule -ManagementKey "<YOUR MANAGEMENTKEY>" -GroupName "<RULEGROUPNAME>" -IdentityProviderName "Hyves" -Namespace "<YOUR NAMESPACE e.g. gupsi01>"

You're all set

Feb 22

Using Azure Active Directory the list of Identity Providers does not show up

I’ve made an MVC 4 app targeting .NET 4.5. I’ve used the Access and Identity tool to create authentication in my app and read the terrific book “Programming Windows Identity Foundation” by Vittorio Bertocci. I chose to generate a controller in my project to handle the authentication experience, as described in Vittorio Bertocci’s blog.

After clicking the button which should (when authenticated) link to a protected page, the list of identity providers should appear. Well, a page appears, but not the list of identity providers.

What I did to debug this issue was go to the AccountController’s Authenticate action and set a breakpoint where the MetaDataScript value was set. I ran the app and, at the breakpoint, added a watch on the MetaDataScript value. I copied this value into Internet Explorer and … a detailed error appeared, and I could solve this instantly.

My problem was that I did not have the correct relying party defined in the Azure management portal. The error was: ACS50001: Relying party with identifier ‘Home/Login/’ was not found.
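
The debugging step described above, as an added example that is not part of the original post: it pulls the realm out of a MetaDataScript URL, parses the error text the browser returned, and checks the realm against the relying party identifiers registered in the portal. The function names, the `realm` query parameter name, the sample URL and the registered-realm list are assumptions or constructed values; only the error text comes from the post.

```powershell
# Added example. Get-QueryValue and Test-AcsRealm are hypothetical helper names.
function Get-QueryValue {
    param([string]$Url, [string]$Name)
    # Walk the query string by hand so no System.Web reference is needed.
    foreach ($pair in ([System.Uri]$Url).Query.TrimStart('?') -split '&') {
        $key, $value = $pair -split '=', 2
        if ($key -eq $Name) { return [System.Uri]::UnescapeDataString([string]$value) }
    }
}

function Test-AcsRealm {
    param(
        [string]   $MetadataScriptUrl,  # value watched at the breakpoint
        [string]   $ErrorText,          # text the browser showed for that URL
        [string[]] $RegisteredRealms    # relying party identifiers copied from the portal
    )
    # Assumption: the application's realm travels in a 'realm' query parameter.
    $sentRealm = Get-QueryValue -Url $MetadataScriptUrl -Name 'realm'

    # Error format as quoted in the post:
    #   ACS50001: Relying party with identifier '...' was not found.
    # \u2018 and \u2019 cover the typographic quotes a browser or blog may render.
    $code = $null
    $reported = $null
    if ($ErrorText -match "(ACS\d{5}):.*identifier\s+['\u2018]([^'\u2019]*)['\u2019]") {
        $code = $Matches[1]
        $reported = $Matches[2]
    }

    [pscustomobject]@{
        SentRealm      = $sentRealm
        ErrorCode      = $code
        ReportedRealm  = $reported
        # True when the error names the same identifier the app sent.
        ErrorIsForSent = ($null -ne $reported -and $reported -ceq $sentRealm)
        # Exact, case-sensitive comparison: a local sanity check only (assumption),
        # not a statement of how the service itself matches realms.
        Registered     = $RegisteredRealms -ccontains $sentRealm
    }
}

# Constructed sample input; the host name and registered realm are made up.
$url = 'https://example-namespace.accesscontrol.windows.net/v2/metadata/' +
       'IdentityProviders.js?protocol=wsfederation&realm=Home%2FLogin%2F&version=1.0'
$err = "ACS50001: Relying party with identifier 'Home/Login/' was not found."
Test-AcsRealm -MetadataScriptUrl $url -ErrorText $err `
              -RegisteredRealms @('http://localhost:1234/')
```

When `ErrorIsForSent` is true and `Registered` is false, the identifier in `SentRealm` is the value to compare against the relying party definitions in the management portal.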