The privacyidea-adfsprovider plugin is configured as an additional
authentication provider for ADFS. The ADFS farm is at level 5 on Windows Server 2019. We
have configured admin credentials in config.xml for challenge/response and
are using an OTP SMS token. Auto-registration of users via an event handler policy works,
but in 6 out of 10 requests the OTP page is not shown, and in some cases the username is not passed on after OTP validation.
Provider Version: 1.3.6.0
PrivacyIDEA Version: 3.3
The following messages appear in the Windows Event Viewer:
triggerChallenge: The remote server returned an error: (400) Bad Request.
System.Net.WebException: The remote server returned an error: (400) Bad Request.
at System.Net.WebClient.UploadValues(Uri address, String method, NameValueCollection data)
at privacyIDEAADFSProvider.OTPprovider.triggerChallenge(String OTPuser, String realm, String token)
An authentication provider was successfully loaded: Identifier: 'privacyIDEA-ADFSProvider', Context: 'Proxy device TLS pipeline'
PrivacyIDEA Policy definition:
Events: Validate_Check, validate_triggerChallenge
Handler: Token pre 0
User_token_number: 0
Action: Enroll
TokenType: SMS
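The event log above only shows the bare WebException from WebClient.UploadValues; privacyIDEA answers a 400 with a JSON body (result.status, result.error.code, result.error.message) that says why the challenge could not be triggered. The script below is an added diagnostic, not code from privacyidea-adfsprovider or privacyIDEA: it performs the same two calls the provider makes (POST /auth with the service account from config.xml, then POST /validate/triggerchallenge with the returned token in the Authorization header) and returns the error body instead of swallowing it. The base URL, account names, realm, error code and response payloads are constructed for the example; run it from the ADFS server against your own privacyIDEA URL to see what is behind the 400.

```python
"""Reproduce the ADFS provider's /auth + /validate/triggerchallenge calls and
surface privacyIDEA's JSON error body behind an HTTP 400.

Added example, not part of privacyidea-adfsprovider or privacyIDEA. JSON field
names follow the privacyIDEA REST API; sample payloads below are constructed."""
import io
import json
import urllib.error
import urllib.parse
import urllib.request


def _post_form(url, data, headers=None, opener=urllib.request.urlopen):
    """POST x-www-form-urlencoded data (what WebClient.UploadValues sends).
    Returns (http_status, parsed_json); a 4xx/5xx is not raised, its body is parsed."""
    req = urllib.request.Request(url, data=urllib.parse.urlencode(data).encode(),
                                 headers=headers or {}, method="POST")
    try:
        with opener(req, timeout=10) as resp:
            return resp.status, json.loads(resp.read().decode())
    except urllib.error.HTTPError as e:
        raw = e.read().decode(errors="replace")
        try:
            return e.code, json.loads(raw)
        except ValueError:  # not JSON, e.g. a reverse proxy answered
            return e.code, {"result": {"status": False,
                                       "error": {"code": None, "message": raw}}}


def describe_error(status, js):
    err = js.get("result", {}).get("error", {})
    return "HTTP %s, error code %s: %s" % (status, err.get("code"), err.get("message"))


def get_auth_token(base_url, username, password, realm="", opener=urllib.request.urlopen):
    """POST /auth with the service account; returns the token for the Authorization header."""
    data = {"username": username, "password": password}
    if realm:
        data["realm"] = realm
    status, js = _post_form(base_url.rstrip("/") + "/auth", data, opener=opener)
    if status != 200 or not js.get("result", {}).get("status"):
        raise RuntimeError("auth failed: " + describe_error(status, js))
    return js["result"]["value"]["token"]


def trigger_challenge(base_url, token, user, realm="", opener=urllib.request.urlopen):
    """POST /validate/triggerchallenge for one user; returns a summary dict."""
    data = {"user": user}
    if realm:
        data["realm"] = realm
    status, js = _post_form(base_url.rstrip("/") + "/validate/triggerchallenge", data,
                            headers={"Authorization": token}, opener=opener)
    result, detail = js.get("result", {}), js.get("detail", {})
    return {"ok": status == 200 and bool(result.get("status")) and bool(result.get("value")),
            "http_status": status,
            "transaction_id": detail.get("transaction_id"),
            "messages": detail.get("messages", []),
            "error": None if status == 200 else describe_error(status, js)}


def diagnose(base_url, svc_user, svc_pass, user, realm="", opener=urllib.request.urlopen):
    """The provider's sequence: authenticate the service account, then trigger."""
    token = get_auth_token(base_url, svc_user, svc_pass, realm, opener=opener)
    return trigger_challenge(base_url, token, user, realm, opener=opener)


# ---- offline stand-in for urlopen, fed with constructed responses -------------
class _FakeResponse:
    def __init__(self, status, payload):
        self.status, self._body = status, json.dumps(payload).encode()
    def read(self): return self._body
    def __enter__(self): return self
    def __exit__(self, *a): return False


def make_fake_opener(responses):
    """Answer each URL path from a {path: (status, payload)} table (constructed data)."""
    def opener(req, timeout=None):
        status, payload = responses[urllib.parse.urlparse(req.full_url).path]
        if status >= 400:
            raise urllib.error.HTTPError(req.full_url, status, "Bad Request", {},
                                         io.BytesIO(json.dumps(payload).encode()))
        return _FakeResponse(status, payload)
    return opener


# Constructed payloads (hypothetical values, not captured from a real server).
AUTH_OK = (200, {"result": {"status": True, "value": {"token": "jwt.example.token"}}})
SAMPLE_FAIL = {"/auth": AUTH_OK,
               "/validate/triggerchallenge": (400, {"result": {"status": False,
                   "error": {"code": 905, "message": "constructed example error"}}})}
SAMPLE_OK = {"/auth": AUTH_OK,
             "/validate/triggerchallenge": (200, {"result": {"status": True, "value": True},
                 "detail": {"transaction_id": "01234567890123456789",
                            "messages": ["Enter the OTP from the SMS:"]}})}

if __name__ == "__main__":
    import sys  # usage: script.py https://pi.example svc-user svc-pass target-user [realm]
    print(json.dumps(diagnose(*sys.argv[1:6]), indent=2))
```

Because the failure is intermittent, loop the call a few dozen times and compare with the privacyIDEA audit log for the same timestamps: if the 400 reproduces without ADFS in the path, the problem is on the privacyIDEA side (policy or event handler), otherwise look at the provider and the ADFS proxy pipeline.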