Reference needed to authenticate a user's Live ID credentials and retrieve ACS token from console app
Thursday, September 13, 2012 3:58 AM
We are building a Test client for our service and in order for the client to successfully request Rest APIs of our Web service, we will need to authenticate the user's live ID credentials. How do I orchestrate the authentication from Live ID and use the Live ID token to retrieve an ACS token from the console app? Will using msoidcrl on client solve the issue? The ACS namespace being federated with live ID, will it accept live token from our console app and generate ACS token without having added our console app as an service identity to ACS? Is there a sample avaialble for reference?
Thanks, Hitesh “This posting is provided "AS IS" with no warranties, and confers no rights.”
Wednesday, September 26, 2012 3:42 AMModeratorIt is needed to use either Windows Live Connect (which allows you to access Live services) or ACS (which allows you to use other online identity providers such as Facebook), but you cannot use both of them together. If you only need to support Windows Live authentication, and if you need to access Live services, it is recommended to use Windows Live Connect. Otherwise you can use ACS.
Another solution is to ask the user to sign in to ACS again, even if they've signed in to Windows Live Connect. Windows Live will recogonize the user, and automatically send ACS a token, so user will have the illusion as if they're automatically signed in. The only disadvantage is the browser will temporary be redirected to a blank sign in page. ACS itself acts as a relying party of Windows Live Connect, just as if your own service works with Live Connect directly. However, since your own service's registration information is different from ACS in Live Connect's view point, the two tokens cannot be used exchangablly.
- Marked As Answer by MingXu-MSFTModerator Monday, October 08, 2012 2:16 PM