Linux and AD-FS -"Authentication Failed"

[SupportGuys89]

Hello Fellow FM'ers!

We have been testing Linux and everything has been great, but we are having issues with the authentication via web direct using Windows Federated Services. We followed the steps in the available documentation "Addendum4_ADFS.pdf" and also used "ExtendOAuth_v1.pdf" to get the AD-FS rules configured as well as the necessary admin console requirements (Client Key, Shared Key etc...) We do see the following on attempting to login to our solution:

 

And when we click on the AD FS Option we do receive a login prompt from our Federated Services:

 

 

However, even with the correct credentials we still see the following error message:

 

We have reviewed the logs within AD-FS and no errors are reported and the credentials are passed as expected. Within our solution and Active Directory, we also ensured the user is in the correct group to access our solution via webdirect. I will gladly provide more details into the configuration of AD-FS or FM Admin Console, but these all match the documentation provided by Claris. 

We went a bit further and got an inhouse developer to take a look and test the flow and he was able to confirm the following:

• Our Endpoints are setup correctly and can be viewed internally @"https://INTERNALADFS/adfs/.well-known/openid-configuration"
• Initial request  was tested with "https://oidcdebugger.com/" 
• Postman was then used to test once we received a response.
• Decoding the jwt received with "https://jwt.ms/"
   

The JWT had a unique_name, an email, and a groups array with one of the values in that group array being the group that is set up in the Filemaker solution.

 

With that said, we are not sure what the next step would be to test this as we appear to be seeing all the correct information in our testing yet we still are not being "authenticated" in our solution. I have also opened a ticket with FIleMaker and no luck as of yet. Any insight would be greatly appreciated!

 

[jack88]

I have setup a  lab to test this also and have the same results

please post if you get an answer or solution