What is ADFS Federation Metadata

In this blog we take a close look at ADFS Federation Metadata: what it is, what information it contains, how to find the ADFS Federation Metadata URL, and how to download the ADFS Federation Metadata XML.

What is ADFS Federation Metadata

In a nutshell, ADFS Federation Metadata contains all the information that an application requires to contact the ADFS server.

When an application vendor wants to integrate their application with an ADFS server, they need certain information from that server. First, the application needs the public key of the ADFS server's token-signing certificate, which it uses to validate the tokens that the ADFS server issues. Second, it needs the claim descriptions, so that it can ask the ADFS server to include a particular claim in the security token issued to the application. Finally, it needs the list of ADFS server endpoints that the application will connect to. All of this information is available at the federation metadata URL of the ADFS server.

ADFS Federation Metadata URL

To find the ADFS Federation Metadata URL, run the command below in Windows PowerShell on the ADFS server.

Get-AdfsEndpoint | Select-Object -Property FullUrl

This command returns all the endpoints of the ADFS server. In this list, look for the endpoint that ends with /FederationMetadata.xml.

[Image: ADFS federation metadata URL]

How to download ADFS Federation Metadata xml

To download the ADFS federation metadata XML, copy the URL shown in the image above and paste it into a browser. This downloads an XML file named FederationMetadata.xml.

What ADFS Federation Metadata contains

ADFS federation metadata contains the URL of the Federation Service Identifier of your ADFS server, information about the ADFS server endpoints, the claims that the ADFS server can issue to applications, and the token-signing certificate of the ADFS server.

To view this information, open the XML file that you downloaded in the step above. In this file you can find all the information that an application requires to integrate with the ADFS server. Please refer to the images below to learn more about what information is available in the ADFS federation metadata XML file.

Federation Service Identifier name of the ADFS server:

[Image: ADFS federation service identifier]

Claims information:

[Image: ADFS server claims]

ADFS Endpoints:

[Image: ADFS endpoint]

ADFS token-signing certificate:

[Image: token-signing certificate]
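
As an added example (not part of the original blog), the Python below reads the same four pieces of information from a federation metadata document on the application side and flags any token-signing certificate thumbprint the application has not pinned. The sample XML, the host adfs.example.test, the certificate bytes and the function names are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: adfs.example.test is a placeholder host and the certificate
# value is placeholder bytes, not a real X.509 certificate.
SAMPLE_CERT_DER = b"constructed-sample-cert"
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://adfs.example.test/adfs/services/trust">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data>
        <X509Certificate>{base64.b64encode(SAMPLE_CERT_DER).decode()}</X509Certificate>
      </X509Data></KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://adfs.example.test/adfs/ls/"/>
    <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" FriendlyName="E-Mail Address"
        Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""

def thumbprint(der):
    """SHA-1 over the DER bytes, upper-case hex: the Windows certificate thumbprint."""
    return hashlib.sha1(der).hexdigest().upper()

def summarize_metadata(xml_text, pinned_thumbprints):
    """Assumes xml_text came over HTTPS from the ADFS host; its XML signature is not checked."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor")
    prints = []
    for kd in idp.iterfind("md:KeyDescriptor", NS):
        if kd.get("use") in (None, "signing"):  # a key with no 'use' also signs
            for cert in kd.iterfind("ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS):
                der = base64.b64decode("".join((cert.text or "").split()))
                prints.append(thumbprint(der))
    sso = [e.get("Location", "") for e in idp.iterfind("md:SingleSignOnService", NS)]
    return {"issuer": root.get("entityID"),
            "signing_thumbprints": prints,
            # Thumbprints the application has not pinned: confirm out of band before trusting.
            "unpinned": [t for t in prints if t not in pinned_thumbprints],
            "sso_endpoints": sso,
            "insecure_endpoints": [u for u in sso if not u.lower().startswith("https://")],
            "claims": [a.get("Name") for a in idp.iterfind("saml:Attribute", NS)]}
```

Calling `summarize_metadata(SAMPLE_METADATA, set())` reports the sample thumbprint under `unpinned`; passing the thumbprint confirmed with the ADFS administrator empties that list.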

Conclusion

In this blog we learned what ADFS federation metadata is, how to download the ADFS federation metadata XML from its URL, and what information the ADFS federation metadata XML file contains.

Happy Learning!!