Hi,
I had listened to Vittorio and Caleb's video on the new ADFS support for OAuth 2.0 in the Windows Server 2012 R2 preview.
Accordingly, I did the following:
We installed Windows Server 2012 R2 and then set up a DNS server and AD DS services.
We also installed IIS (it looks like it may not be needed).
Anyway, we then went ahead and installed the ADFS server role and configured it as a federation server. We only required OAuth2, so SAML and WS-Trust were not configured.
There is no federation proxy either or multi-factor authentication.
The ADFS service is running and there are no errors in the logs. A self-signed cert for the domain was used while configuring ADFS. After the ADFS installation, this cert, along with two other certs for token decryption and token signing, can be seen under ADFS -> Service -> Certificates.
An ADFS relying party trust was configured to identify our resource app. OAuth2 clients were registered via the PowerShell cmdlets.
The setspn command was run on the Administrator account associated with managing ADFS.
On running Get-ADFSEndpoint in PowerShell, it lists https://<FQDN of my server>/adfs/oauth2.
However, on trying to access the authorization endpoint from IE (JavaScript and cookies are enabled on the browser) by extending the above endpoint URL, I get an "HTTP 503 no service available" error.
There is no node or site under IIS associated with ADFS, as seen with ADFS on Windows Server 2008 R2.
We also tried accessing the ADFS endpoint after stopping the IIS service.
What is wrong or missing from the above steps? What are the exact OAuth2 authorization and token endpoints to use?
Let me know if any specific screenshot or output will help.
Thanks,
Shanthi
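As an added troubleshooting example (not part of the original post, and not Microsoft's own guidance), the script below collects the facts a responder would want before diagnosing a 503 from the 2012 R2 OAuth2 endpoint: whether the service is up, which OAuth2 endpoints are enabled, what certificate HTTP.SYS has bound, whether the service account holds the expected SPN, and which clients and relying party trusts are registered. It uses only cmdlets and commands that ship with ADFS on 2012 R2 (Get-AdfsEndpoint, Get-AdfsCertificate, Get-AdfsClient, Get-AdfsRelyingPartyTrust, netsh, setspn). The `$fqdn` and `$svcAccount` values are placeholders, and it assumes it runs elevated on the federation server itself.

```powershell
# Added diagnostic script, not from the original post. Assumes an elevated
# PowerShell session on the 2012 R2 federation server. Replace the two
# placeholders below with your own values.
$fqdn       = "adfs.example.test"       # placeholder: federation service FQDN
$svcAccount = "CONTOSO\Administrator"   # placeholder: account the ADFS service runs as

# 1. Is the service itself running? ADFS on 2012 R2 listens through HTTP.SYS,
#    not IIS, so a 503 usually means nothing is answering behind the URL
#    rather than ADFS rejecting the request.
Get-Service adfssrv | Select-Object Name, Status

# 2. Which OAuth2 endpoints exist and are they enabled? In 2012 R2 the
#    authorization endpoint is /adfs/oauth2/authorize and the token endpoint
#    is /adfs/oauth2/token, both under the /adfs/oauth2 entry Get-AdfsEndpoint lists.
Get-AdfsEndpoint |
    Where-Object { $_.AddressPath -like "/adfs/oauth2*" } |
    Select-Object AddressPath, Enabled, Proxy, FullUrl

# 3. Certificates ADFS knows about (Service-Communications is the one the
#    HTTPS listener uses) and the SSL binding / URL reservations HTTP.SYS holds.
Get-AdfsCertificate | Select-Object CertificateType, Thumbprint, IsPrimary
netsh http show sslcert
netsh http show urlacl | Select-String -Pattern "/adfs/" -Context 0,3

# 4. ADFS 2012 R2 expects a host/<fqdn> SPN on the service account; a missing
#    or duplicated SPN is a frequently reported cause of the 503.
setspn -L $svcAccount

# 5. What is registered: OAuth2 clients (from Add-AdfsClient) and relying party trusts.
Get-AdfsClient | Select-Object Name, ClientId, RedirectUri
Get-AdfsRelyingPartyTrust | Select-Object Name, Identifier, Enabled

# 6. Probe the authorization endpoint from the server. A live listener returns
#    a 4xx or a redirect to the sign-in page for a bare GET; only a dead
#    listener returns 503. With a self-signed cert the request fails on trust
#    first, which is a different symptom and is reported as such.
try {
    $r = Invoke-WebRequest -Uri "https://$fqdn/adfs/oauth2/authorize" -UseBasicParsing -ErrorAction Stop
    "Endpoint answered with HTTP $($r.StatusCode)"
} catch {
    $resp = $_.Exception.Response
    if ($resp) { "Endpoint answered with HTTP $([int]$resp.StatusCode)" }
    else       { "Request did not complete: $($_.Exception.Message)" }
}
```

Read the output top to bottom: a stopped `adfssrv`, an `Enabled: False` on the oauth2 line, an empty `netsh http show sslcert` listing, or a `setspn -L` result without `host/<fqdn>` each explains a 503 on its own, and the final probe confirms whether the listener is reachable once the earlier items are fixed.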