I am in the process of implementing AD FS 2012 R2. The problem I'm running into is implementing federated sign-out and redirecting back to the original relying party after the sign-out is completed. Here is the code I am using:
    using System.IdentityModel.Services;

    WSFederationAuthenticationModule fedAuthenticationModule = FederatedAuthentication.WSFederationAuthenticationModule;
    // Sign out of the local relying-party session.
    fedAuthenticationModule.SignOut(false);
    // Build the sign-out request for the issuer, with the relying party as the reply address.
    SignOutRequestMessage signOutRequestMessage = new SignOutRequestMessage(new Uri(fedAuthenticationModule.Issuer), @"https://app.domain.com/applicationname/");
    Response.Redirect(signOutRequestMessage.WriteQueryString());
"https://app.domain.com/applicationname/" is the same URI specified as the WS-Fed Endpoint.
I used Fiddler, and it looks like the sign-out page is using an iframe to sign out the relying parties. However, AD FS is not redirecting back to the relying party.
Does this scenario work? If so, what am I missing?
Mark Remkiewicz