26

What is the Metadata document that is required for "On-Premises Authority Authentication" in MVC 5?

I am supposed to supply it's URL in order to setup Organizational Accounts Authentication in MVC 5 for On-Premises option but I am new to web development and have no idea what it's looking for here.

Any help here would be appreciated.

FYI: I am trying to use internal Active Directory.

Refracted Paladin
  • 12,096
  • 33
  • 123
  • 233

2 Answers2

11

I am new to this myself, and may be mistaken in many respects, but my understanding of the 'Organizational Accounts' / 'On-Premises Authority' option for MVC apps is that it applies when you've set up Active Directory Federation Services / Windows Identity Foundation.

The primary motivator for doing that would be if you want to allow single sign on to cloud based apps based on your internal AD, or allow certain types of SharePoint SSO integrations with custom code. If you're not looking to do a cloud service + internal services seamless blending of authentication, then just choosing 'Windows Authentication' would be the far easier way to proceed.

If you do want to proceed with the WIF / ADFS approach, then the following might help:

Hope I'm not leading you on a wild duck chase with this info, but for the moment, that appears to me to be the most applicable information I could find.

Paul
  • 6,188
  • 1
  • 41
  • 63
user2994340
  • 121
  • 3
1

Trying to simplify user2994340's answer: https://learn.microsoft.com/en-us/aspnet/visual-studio/overview/2013/creating-web-projects-in-visual-studio#orgauthonprem

If you have setup a Windows Server Active Directory but you haven't setup AD Federation Services, and you are not planning to do so, best option is to use "Windows Authentication" option.

Trying to not go beyond my knowledge, as I'm not an expert in this matter, I think the main benefits of using ADFS is having an extranet application providing a single sign-on process authenticating against your AD. I think in following link that's pretty good explained: https://en.wikipedia.org/wiki/Active_Directory_Federation_Services.

Answering to what the Metadata document is: is a XML document published by your ADFS to allow an application to discover all of the relevant info about your ADFS (addresses, signing keys, identifiers, etc) and derive the project’s configuration from it. You can check more information in the following link: https://blogs.msdn.microsoft.com/card/2010/06/24/using-federation-metadata-to-establish-a-relying-party-trust-in-ad-fs-2-0/

rortegax2
  • 507
  • 1
  • 6
  • 19