i followed official tutorial(http://msdn.microsoft.com/en-us/library/hh674475) requesting acs token in exchange of identity provider(facebook) token via swt token request.
i tried every possible thing , i'm unable rid of error
errorcode:400:subcode:t1019:detail: inavlid swt token. wrap_assertion value not swt assertion
note:
- i have verified issuer= [realm under edit identity provider page]
- signing key same symmetric key shown under token signing key
- i wrapping facebook accesstoken claim in swt token acs endpoint in order acs token in return.
correct me if doing wrong, yeah googled lot found nothing resolve!
p.s: have tried password token request service identity , works fine.
your problem seem you're dealing facebook directly , giving acs access token. that's not acs model facebook. basic model acs deals facebook first, not app. way works is:
- the end user requests access token facebook. happens either directly though acs (for example, making ws-federation sign-in request) or url specified acs (through identityproviders.js).
- the user logs in @ facebook.
- the auth code sent acs.
- acs exchanges auth code access token , retrieves user data. run through rules, packaged token, , sent rp. 1 of claims in token access token, rp can use make further facebook calls.
acs doesn't support model access token yourself, seems you're trying do.
Comments
Post a Comment