I created a "test" project in which I use .Net 4.6 WebApi, which I want to integrate using ADFS, similar to this host . I call the api from the angular project and using the following code, I can get the authorization header:
string authority = ConfigurationManager.AppSettings["adfsEndpoint"].ToString();
string resourceURI = "https://localhost:44388/";
string clientID = "someguid";
string clientReturnURI = "http://localhost:55695/";
var ac = new AuthenticationContext(authority, false);
var ar = await ac.AcquireTokenAsync(resourceURI, clientID, new Uri(clientReturnURI), new PlatformParameters(PromptBehavior.Auto));
string authHeader = ar.CreateAuthorizationHeader();
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost:64038/api/Values");
request.Headers.TryAddWithoutValidation("Authorization", authHeader);
var response = await client.SendAsync(request);
return response ;
However, the next time I call my ValuesController, which uses the Authorize attribute, I always get a 401 Unathorized response (even if I pass the authorization header). I'm not sure what I am missing.
Another thing to note: when my credentials are offered to me, I get the dialog box below, and not the typical ADFS login page that I get with my regular MVC applications that authenticate using ADFS (I'm not sure why it happens or). 