ID1038:AudienceRestrictionCondition无效,因为AudienceUris

时间:2017-09-01 06:50:40

标签: c# adfs

尝试创建自己的SAML持票人令牌(模拟第三方)

var descriptor = new SecurityTokenDescriptor();
descriptor.AppliesToAddress = "what-should-I-put-here";

并从ADFS交换JWT,ADFS给出错误

ID1038: The AudienceRestrictionCondition was not valid because the specified Audience is not present in AudienceUris

1 个答案:

答案 0 :(得分:0)

互联网上的其他答案指向您在app.config中设置条目,但这是此方案的红色鲱鱼。

正确的AudienceUri是具有特定路径的ADFS服务器:

descriptor.AppliesToAddress = "http://my-really-frustrating-adfs-server/adfs/services/trust"