Your extension will be available shortly on the Visual Studio Marketplace at this link.

Identity and Access Tool

Microsoft Free

Identity and Access Tool for Visual Studio 2012. Use this package to secure your application with claims based identity and accept users from multiple identity providers.

Microsoft
(33)
Visual Studio
2012
Download (82,287)
3/25/2013
1.1.0
View
E-mail Twitter del.icio.us Digg Facebook
Add to favorites
Description
Sign in to write a review
Sort by:

by Zainu | June 20 2015

Thanks and it worked very easily.

by leis-ray | October 09 2014

Works fine to me

by Ed (DareDevil57) | August 14 2014

Thank you

by Aaron [MVP] | January 10 2014

by Amsterdams | November 22 2013

I get this error
{"No version of the CardSpace service was found to be installed on the machine. Please install CardSpace and retry the operation."}


I was trying to implement this http://msdn.microsoft.com/en-us/library/jj161104.aspx

I have both 2012 and 2012 VS installed. Not sure if that is the problem

by Simerjot Kaur | October 11 2013

Unfortunately I have not been able to use the tool get which is very sorry since I really need such a tool. Even in a very simple scenario with a wcf service application and a windows console application when using the adfs it won’t work for me.

When executing the whole i always run into following exception:
{"No version of the CardSpace service was found to be installed on the machine. Please install CardSpace and retry the operation."}

by Vinny Jo | August 29 2013

Using ADFS 2.0. With Claims.... and Framework 4.5 (Mvc 4 project template)
Few issues:
The web.config produced contains issuerNameRegistry\authority and should be issuerNameRegistry\trustedIssuers (Framework 4.5)

the FederationMetadata.xml does not have any details about ds:Signature, KeyDescriptor, fed:ClaimTypesRequested. (can not specified certificate)

Tried Visual studio 2010 (Claim web project template) Add STS Reference option produced the right FederationMetada.xml.




by Mithun_daa | August 13 2013

I ran into the same issue as some of you here where the package was failing to load. Please make sure you close all instances of VS and restart it.

by ytr32323 | July 22 2013

by Srilatha Inavolu - MSFT | June 19 2013

Hi All,

Please run "devenv.exe /ResetSettings" if you have issues with VS loading the package.

If that doesn't work, please try the remaining steps in this post :
http://tinyurl.com/nx7bj4x

Hope this helps,
Sri.

by shriji1111 | June 05 2013

I found an error with this tool... it seems that it's bug
for more detail you may refer my microsoft forum page
http://social.msdn.microsoft.com/Forums/en-US/windowsazuredevelopment/thread/67d9f40a-1701-4b5a-9eb2-b2523f772dbe

by Quynh H. Nguyen | May 20 2013

by Vittorio Bertocci - MSFT | May 17 2013

Sorry to read that you are having issues with the tool and Update 2.
I have Update 2 on multiple machines and the tool works as expected. If you want us to help troubleshoot, I suggest you use the Q & A tab.

by rjygraham | May 16 2013

+1 for broken in Update 2. Still broken in Update 3 CTP even after an uninstall/reinstall.

by ggobbe | May 14 2013

Not working on visual studio 2012 update 2... The Identify and Access menu (to add an STS Reference) is missing.

by David Donabedian | May 12 2013

Not working with VS2012 Update 2

by Frank Robijn | May 11 2013

This type of extension is very welcome, but the current version is difficult to work with - it might not work at all. Tried to use it on a very simple WCF project, but it complains about a missing certificate. It tells you where to expect it (at C:\Users\...\AppData\Local\Microsoft\VisualStudio\11.0\Extensions\uv2jfeqz.qr2\LocalHost.pfx) and behold - that file exists! Unfortunately there is no information at all on how to solve this type of problem. It's a mess.

by Sergio Parra | April 27 2013

Thanks! nice job!

by Per Ekstedt | April 26 2013

Unfortunately I have not been able to use the tool get which is very sorry since I really need such a tool. Even in a very simple scenario with a wcf service application and a windows console application when using the local development STS it won’t work for me.

I can successfully configure the service application just clicking next and with SAML 2.0 chosen and it seems right even when I make a service reference in the console application to.

When executing the whole i always run into following exception:
{"No version of the CardSpace service was found to be installed on the machine. Please install CardSpace and retry the operation."}

Sometimes the LocalSTS don’t start but I get the error started or not.

Am I alone on this?

by _arash | April 07 2013

Thanks, it's great to see things are improving with identity tool

1 - 20 of 33 Items   
Sign in to start a discussion


  • SvcUtil Unable to obtain Metadata from LocalSTS
    4 Posts | Last post October 31, 2013
    • I've been trying to use both "Add Service Reference" in Visual Studio and SvcUtil to generate the config for a client program from a service which was setup to use the LocalSTS as the IP using the Identity and Access Tool. The issuer address for the client config is "http://schemas.microsoft.com/2005/12/ServiceModel/Addressing/Anonymous" which I suspect is incorrect.
      
      When I run SvcUtil against the service I get an error that it is unable to download the metadata from the LocalSTS.  The error is the following:
      Error: Obtaining metadata from issuer 'https://localhost/adfs/services/trust/mex' failed with error
      'System.InvalidOperationException: Metadata contains a reference that cannot be resolved: 'https://localhost/adfs/services/trust/mex'. --->
      System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost'. --->
      System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. --->
      System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
      
      I looked in the certificate store and the localhost cert is in the Local Computer Personal store, but not in the Trusted Root Certificates store.  I tried adding it to the Trusted Root Certificates with no change in the results.
      
      I was just wondering how I could get Add Service Reference and SvcUtil to work so that I could generate my client side configuration?
    • While continuing to investigate this I noticed that the Identity and Access Tool puts an issuer metadata address into the config file of "https://localhost/adfs/services/trust/mex" instead of the correct value of "http://localhost:15196/wsTrustSTS/mex" where 15196 is the port number assigned in the tool.  When I substituted this into the service config and ran Add Service Reference, it generated an issuer address of http://localhost:15196/wsTrustSTS/.
      So there seems to be a bug in the Identity and Access tool that it does not insert the correct issuerMetadata address when the LocalSTS is selected.
    • THANK YOU!  I had this same issue.  I kept getting the "windows cardspace" "Incoming policy failed Validation" error.  This post saved me.   
      
      The issue I had before this one had to do with the first time I tried to use the Identity and Access extension:
      
       1. the reference to the Security.IdentityModel.Tokens.ValidatingIssuerNameRegistry wasn't created and I had to find it and add it.
      
      2. the Config file for the client didn't generate the ws2007 Binding at all.  Even after fixing #1.  I had to manually add it.
      
      
      Then, I ran into this issue here... Thank you for posting the fix. :)
    • I passed the same point (finally got rid of that "windows cardspace" thing), but now when I check the value of "OperationContext.Current.ClaimsPrincipal" in my web service, I got null.  What can be the problem?  My gut feeling, once again, tells me that it's probably something in the config files (either web.config for the web services, or app.config for the desktop WPF app which act as a web service client).  
      
        I realize that for web services I should use WSTrust instead of the older WSFrederation.  But in the web.config for the web service, I still have this:
      
      <add key="ida:FederationMetadataLocation" value="http://localhost:12053/wsFederationSTS/FederationMetadata/2007-06/FederationMetadata.xml" />
      
      Can it be a problem?
      
      BTW, I was following the MSDN tutorial, "How To: Enable WIF for a WCF Web Service Application" (http://msdn.microsoft.com/en-us/library/jj161104.aspx).
  • Does not work
    2 Posts | Last post October 24, 2013
    • It's not appearing in the menu
    • I set mine target framework to 4.5 and it shows up.
  • "Identity and Access" menu item
    4 Posts | Last post September 26, 2013
    • I have installed Identity and Access Tool, but the "Identity and Access" menu never appears in the context menu when right clicking a web application project file. Already installed WIF separately.
    • What type of application are you using?  MVC4 or ???
    • I am experiencing the same behavior for a MVC4 Web App - Intranet.  
      Visual Studio 2012 Update 3
      Identity And Access V 1.1.0
    • Please disregard, I had inadvertently switched the framework version to 4.0.  Once switched back to 4.5, the option reappeared.  Sorry.
  • Error: Invalid access to memory location
    1 Posts | Last post September 24, 2013
    • Hi,
      
      I am getting "Invalid access to memory location" error sometimes (not always) when I right click on my project and select "Identity and Access...".
  • Missing "Choose how to handle unauthenticated requests" option
    6 Posts | Last post August 13, 2013
    • I've an MVC 4 application (Orchard CMS) targeting .NET 4.5. I want to add authentication through ACS in my project.
      
      I rightclick the project -> "Identity and Access"
      I fill in the Providers tabs and click OK
      I rightclick the project -> "Identity and Access"
      I click the Configuration tab
      
      Now in the blog of Vittorio ( http://tinyurl.com/a6zedjt ), there should now be an option "Choose how to handle unauthenticated requests", but unfortunately, this option is not there. It is just missing.
      
      Can anyone tell me what's wrong, or where to look?
    • That feature is enabled / disabled depending on the project type, a GUID in the csproj file. A check is made for MVC4, by looking at 
      <ProjectTypeGuids> for "E3E379DF-F4C6-4180-9B81-6769533ABE47" which is inserted when the mvc4 template runs on project creation.
      
      What does your <ProjectTypeGuids> look like?
    • Thank you for your answer Brent. My <ProjectTypeGuids> looks like this:
      
      <ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids>
      
    • Hi Brent,
      
      It seems there is an issue with the tools and the type of project as you mention. If we create a new MVC 4 App, the Wizard works as expected, but when we create a new Web Forms, the "Choose how to handle unauthenticated requests" is missing. We checked the Identity Training Kit and it seems (by looking at the screenshots) that this was enable for Web Forms. 
      
      We have VS 2012 with Update 2 installed. We need this for a Web Form project. Thoughts?
    • Hi Richard and Hernán,
      
      This feature is currently only supported for MVC4 project as mentioned in Vittorio's blog (towards the end of the post).
      
      Richard, from the ProjectTypeGuids, looks like you have a Web Forms project, an MVC4 project should have also have a E3E379DF-F4C6-4180-9B81-6769533ABE47 guid. Can you please double check ?
      
      Thanks,
      Sri.
    • I've started all over with an empty project, could not wait so many months to get an answer :-(
      
      I'm very sure it was a MVC 4 project.
  • Configuring an ACS namespace
    1 Posts | Last post July 19, 2013
    • When you choose to use the Windows Azure Access Control Service, you are prompted for your ACS namespace and its management key.
      
      I initially thought that the management key was the Symmetric Key from the Management service in the ACS portal, however it looks as if it's really the Password. Is this correct??
      
      I stumbled on this when I regenerated the symmetric key and then couldn't connect with the new key. When you first create an ACS namespace both the symmetric key and password are the same, but when you regenerate the key, the old password is left as it was.
  • Menu item not appearing in VS2012 Update 3 (with workaroud)
    1 Posts | Last post July 11, 2013
    • I've had problems getting the Identity and Access menu item to appear on VS2012 Update 3. I'm pretty sure I'd had it installed and working prior to applying Update 3.
      
      I've tried various things - uninstalling, reinstalling, as admin, logging, etc. Nothing helped.
      
      It looks to be installed ok. If go into the screen to customise the popup project menu, I can see the menu item there. But it just won't display when I right-click on the project.
      
      What has worked for me is to go into Options!Environment!Keyboard and assign a keyboard shortcut to the Identity and Access command.
      
      Pressing the newly created shortcut, triggers the wizard.
  • Error while load custom STS Federation Metadata
    3 Posts | Last post July 05, 2013
    • Hi,
      
      I am getting error while loading my custom STS Federation Metadata by using 'Identity and Access Tool'. This error is ID1116: MetaData download/parsing error, ID0011: There is no valid metadata document located 'path' at signature verification failed.
      
      Regards,
      Yasir
    • Hi Yasir,
      can you verify that your metadata document works correctly with other tools?
      thanks
      V.
    • I am getting a similar error.  Can you please let me know what "other tools" are?
      
      Thank,
      
      Eric
  • Any plans to support JWT in Local STS
    2 Posts | Last post July 03, 2013
    • Are there any plans to support the JWT (JSON web token) format in the Local Development STS? That's what we're using in production and it would make development easier if it were added to the tool.
    • Yes, it is pretty simple.
      JwtSecurityTokenHandler has GA'd and you can read about it here.  If you add it to the collection of security token handlers and set the token requested to JWT it should just work.
      
      http://www.cloudidentity.com/blog/2013/06/06/the-json-web-token-handler-for-net-4-5-reaches-ga/
      
      if you have any issues let me know.
      
      
  • VS2012 Update 2 & Update 3 CTP
    6 Posts | Last post June 20, 2013
    • Hi Vittorio, 
      
      As I mentioned in on Twitter, after applying Update 2 to my installation of VS2012 the Identity and Access menu disappears. Is there anything I can check to see why it is not showing up?
      
      Thanks,
      Ryan
    • Ryan, we are looking in the setup data you sent but for the time being there's nothing that stands out (apart from the fact that they refer to Update 3 CTP).
      The update 2 should have no effect on the tool setup, I am wondering if there is anything else at play. Can you please describe in details what verification flow are you using? What is the project that when opened before applying Update 2 was showing the IDA tool and now no longer shows it? 
    • Hey Vittorio,
      
      I was able to get some more information but I'm not sure if it'll help. On my work laptop with Update 2, I got this from the ActivityLog.xml after VS2012 told me there was an error:
      
      <entry>
          <record>531</record>
          <time>2013/06/10 19:56:19.673</time>
          <type>Error</type>
          <source>VisualStudio</source>
          <description>SetSite failed for package [IdentityAndAccessVSPackage]</description>
          <guid>{97E6CB8F-C650-43EA-A6F3-2B4A51ECC8D5}</guid>
          <hr>80004003 - E_POINTER</hr>
          <errorinfo>Object reference not set to an instance of an object.</errorinfo>
        </entry>
      
      IDA tool is not working for MVC nor WebForm sites.
      
      Sorry, it took so long to respond - I didn't get any notification saying that you responded to me.
      
      Thanks,
      Ryan
    • Ryan,
      
      Can you please double check if the tool is still installed under Tools -> Extensions and Updates ?
      
      Do you have WIF SDK installed on your machine ? If not, can you please install it and see if that makes a difference ?
      
      WIF SDK : http://www.microsoft.com/en-us/download/details.aspx?id=4451
      
      Thanks,
      Sri.
    • Ryan,
      
      Can you please try devenv.exe /ResetSettings ? If that doesn't work, please try the remaining steps mentioned in this post, http://social.msdn.microsoft.com/Forums/vstudio/en-US/fc763995-beed-4287-97de-6e47d3e87865/multiple-package-failures-on-load-of-ide ?
      
      Thanks,
      Sri.
    • OK, so I hate when this happens because it makes me uneasy, however the "Identity and Access..." started showing up again out of nowhere on my home machine.
      
      I'll try these steps on my work machine ASAP and report back.
      
      Thanks for looking into this and providing the suggestions above.
      
      Ryan
11 - 20 of 53 Items