
Configure DPE web application to use OIDC via AD FS

To enable the new logon mechanism you have to change your web.config in the following way:

(1) disable forms auth by commenting it out:

<!--
    <authentication mode="Forms">
      <forms name="MyFormsAuthCookie" timeout="1440" slidingExpiration="true" loginUrl="Logon.aspx" ticketCompatibilityMode="Framework40"/>
    </authentication>
-->


(2) enable AD FS OIDC support by specifying an AdFsServer:

Given that you have the following AD FS configuration...

and the following AD FS Application Group for DPE...

The DPE web.config would look like...

<add key="AdFsServer" value="https://dpe2019.davidsystems.com/adfs"/>

<add key="ida:AdfsMetadataEndpoint" value="https://dpe2019.davidsystems.com/federationmetadata/2007-06/federationmetadata.xml" />
<add key="ida:Audience" value="microsoft:identityserver:jsDPE" />
<add key="ida:Issuer" value="http://dpe2019.davidsystems.com/adfs/services/trust" />


(3) enable WCF service support for OIDC by adding the oidcEndpoint behavior extension and referencing it in <behavior name="cors">:

<system.serviceModel>
...
    <behaviors>
      <endpointBehaviors>
        ...
        <behavior name="cors">
          <webHttp/>
          <jsonWebHttp/>
          <enableCorsEndpoint/>
          <oidcEndpoint/>
        </behavior>
      </endpointBehaviors>
    </behaviors>
...
    <extensions>
    ...
      <behaviorExtensions>
        ...
        <add name="oidcEndpoint" type="David.Dpe.Wcf.OidcEndpointBehaviorElement, David.Dpe.Wcf"/>
        ...
      </behaviorExtensions>
    </extensions>   
...
</system.serviceModel>
