Azure AD without ADFS

Cantor, Scott cantor.2 at
Tue May 2 11:37:51 EDT 2017

> We have not found this portal to be capable to consume Shibboleth IdP
> Federation with IdP Discovery Service which requires signing of keys and
> certificates.

I don't really have any idea what you're doing, and I know even less about Azure, but the discovery service in a Shibboleth "world" has nothing whatsoever to do with proxying, IdPs, or any keys or certificates. It's a redirector/selector associated with an SP and is usable with virtually any application provided a bit of redirection glue is possible. IdPs have no idea what discovery is or how it's done, they're oblivious.

If the IdP is a proxy, then it's the SP component of the IdP that is involved with discovery, not its capacity as an IdP.

> Even though we are still trying to find ways to connect through
> Shibboleth IdP Discovery Service (i.e. Proxy IdP)

Specifically, it sure isn't that.

-- Scott

More information about the users mailing list