Identity and Access Tool

Microsoft Free

Identity and Access Tool for Visual Studio 2012. Use this package to secure your application with claims based identity and accept users from multiple identity providers.

(33) Review
Visual Studio
Download (81,129)
E-mail Twitter Digg Facebook
Add to favorites
Reviews (33)
Q and A (52)
Sign in to write a review
Sort by:

by Zainu | June 20 2015

Thanks and it worked very easily.

by leis-ray | October 09 2014

Works fine to me

by Ed (DareDevil57) | August 14 2014

Thank you

by Aaron [MVP] | January 10 2014

by Amsterdams | November 22 2013

I get this error
{"No version of the CardSpace service was found to be installed on the machine. Please install CardSpace and retry the operation."}

I was trying to implement this

I have both 2012 and 2012 VS installed. Not sure if that is the problem

by Simerjot Kaur | October 11 2013

Unfortunately I have not been able to use the tool get which is very sorry since I really need such a tool. Even in a very simple scenario with a wcf service application and a windows console application when using the adfs it won’t work for me.

When executing the whole i always run into following exception:
{"No version of the CardSpace service was found to be installed on the machine. Please install CardSpace and retry the operation."}

by Vinny Jo | August 29 2013

Using ADFS 2.0. With Claims.... and Framework 4.5 (Mvc 4 project template)
Few issues:
The web.config produced contains issuerNameRegistry\authority and should be issuerNameRegistry\trustedIssuers (Framework 4.5)

the FederationMetadata.xml does not have any details about ds:Signature, KeyDescriptor, fed:ClaimTypesRequested. (can not specified certificate)

Tried Visual studio 2010 (Claim web project template) Add STS Reference option produced the right FederationMetada.xml.

by Mithun_daa | August 13 2013

I ran into the same issue as some of you here where the package was failing to load. Please make sure you close all instances of VS and restart it.

by ytr32323 | July 22 2013

by Srilatha Inavolu - MSFT | June 19 2013

Hi All,

Please run "devenv.exe /ResetSettings" if you have issues with VS loading the package.

If that doesn't work, please try the remaining steps in this post :

Hope this helps,

by shriji1111 | June 05 2013

I found an error with this tool... it seems that it's bug
for more detail you may refer my microsoft forum page

by Quynh H. Nguyen | May 20 2013

by Vittorio Bertocci - MSFT | May 17 2013

Sorry to read that you are having issues with the tool and Update 2.
I have Update 2 on multiple machines and the tool works as expected. If you want us to help troubleshoot, I suggest you use the Q & A tab.

by rjygraham | May 16 2013

+1 for broken in Update 2. Still broken in Update 3 CTP even after an uninstall/reinstall.

by ggobbe | May 14 2013

Not working on visual studio 2012 update 2... The Identify and Access menu (to add an STS Reference) is missing.

by David Donabedian | May 12 2013

Not working with VS2012 Update 2

by Frank Robijn | May 11 2013

This type of extension is very welcome, but the current version is difficult to work with - it might not work at all. Tried to use it on a very simple WCF project, but it complains about a missing certificate. It tells you where to expect it (at C:\Users\...\AppData\Local\Microsoft\VisualStudio\11.0\Extensions\uv2jfeqz.qr2\LocalHost.pfx) and behold - that file exists! Unfortunately there is no information at all on how to solve this type of problem. It's a mess.

by Sergio Parra | April 27 2013

Thanks! nice job!

by Per Ekstedt | April 26 2013

Unfortunately I have not been able to use the tool get which is very sorry since I really need such a tool. Even in a very simple scenario with a wcf service application and a windows console application when using the local development STS it won’t work for me.

I can successfully configure the service application just clicking next and with SAML 2.0 chosen and it seems right even when I make a service reference in the console application to.

When executing the whole i always run into following exception:
{"No version of the CardSpace service was found to be installed on the machine. Please install CardSpace and retry the operation."}

Sometimes the LocalSTS don’t start but I get the error started or not.

Am I alone on this?

by _arash | April 07 2013

Thanks, it's great to see things are improving with identity tool

1 - 20 of 33 Items   
Sign in to start a discussion

  • Does not work
    2 Posts | Last post October 24, 2013
    • It's not appearing in the menu
    • I set mine target framework to 4.5 and it shows up.
  • "Identity and Access" menu item
    4 Posts | Last post September 26, 2013
    • I have installed Identity and Access Tool, but the "Identity and Access" menu never appears in the context menu when right clicking a web application project file. Already installed WIF separately.
    • What type of application are you using?  MVC4 or ???
    • I am experiencing the same behavior for a MVC4 Web App - Intranet.  
      Visual Studio 2012 Update 3
      Identity And Access V 1.1.0
    • Please disregard, I had inadvertently switched the framework version to 4.0.  Once switched back to 4.5, the option reappeared.  Sorry.
  • Error: Invalid access to memory location
    1 Posts | Last post September 24, 2013
    • Hi,
      I am getting "Invalid access to memory location" error sometimes (not always) when I right click on my project and select "Identity and Access...".
  • Missing "Choose how to handle unauthenticated requests" option
    6 Posts | Last post August 13, 2013
    • I've an MVC 4 application (Orchard CMS) targeting .NET 4.5. I want to add authentication through ACS in my project.
      I rightclick the project -> "Identity and Access"
      I fill in the Providers tabs and click OK
      I rightclick the project -> "Identity and Access"
      I click the Configuration tab
      Now in the blog of Vittorio ( ), there should now be an option "Choose how to handle unauthenticated requests", but unfortunately, this option is not there. It is just missing.
      Can anyone tell me what's wrong, or where to look?
    • That feature is enabled / disabled depending on the project type, a GUID in the csproj file. A check is made for MVC4, by looking at 
      <ProjectTypeGuids> for "E3E379DF-F4C6-4180-9B81-6769533ABE47" which is inserted when the mvc4 template runs on project creation.
      What does your <ProjectTypeGuids> look like?
    • Thank you for your answer Brent. My <ProjectTypeGuids> looks like this:
    • Hi Brent,
      It seems there is an issue with the tools and the type of project as you mention. If we create a new MVC 4 App, the Wizard works as expected, but when we create a new Web Forms, the "Choose how to handle unauthenticated requests" is missing. We checked the Identity Training Kit and it seems (by looking at the screenshots) that this was enable for Web Forms. 
      We have VS 2012 with Update 2 installed. We need this for a Web Form project. Thoughts?
    • Hi Richard and Hernán,
      This feature is currently only supported for MVC4 project as mentioned in Vittorio's blog (towards the end of the post).
      Richard, from the ProjectTypeGuids, looks like you have a Web Forms project, an MVC4 project should have also have a E3E379DF-F4C6-4180-9B81-6769533ABE47 guid. Can you please double check ?
    • I've started all over with an empty project, could not wait so many months to get an answer :-(
      I'm very sure it was a MVC 4 project.
  • Configuring an ACS namespace
    1 Posts | Last post July 19, 2013
    • When you choose to use the Windows Azure Access Control Service, you are prompted for your ACS namespace and its management key.
      I initially thought that the management key was the Symmetric Key from the Management service in the ACS portal, however it looks as if it's really the Password. Is this correct??
      I stumbled on this when I regenerated the symmetric key and then couldn't connect with the new key. When you first create an ACS namespace both the symmetric key and password are the same, but when you regenerate the key, the old password is left as it was.
  • Menu item not appearing in VS2012 Update 3 (with workaroud)
    1 Posts | Last post July 11, 2013
    • I've had problems getting the Identity and Access menu item to appear on VS2012 Update 3. I'm pretty sure I'd had it installed and working prior to applying Update 3.
      I've tried various things - uninstalling, reinstalling, as admin, logging, etc. Nothing helped.
      It looks to be installed ok. If go into the screen to customise the popup project menu, I can see the menu item there. But it just won't display when I right-click on the project.
      What has worked for me is to go into Options!Environment!Keyboard and assign a keyboard shortcut to the Identity and Access command.
      Pressing the newly created shortcut, triggers the wizard.
  • Error while load custom STS Federation Metadata
    3 Posts | Last post July 05, 2013
    • Hi,
      I am getting error while loading my custom STS Federation Metadata by using 'Identity and Access Tool'. This error is ID1116: MetaData download/parsing error, ID0011: There is no valid metadata document located 'path' at signature verification failed.
    • Hi Yasir,
      can you verify that your metadata document works correctly with other tools?
    • I am getting a similar error.  Can you please let me know what "other tools" are?
  • Any plans to support JWT in Local STS
    2 Posts | Last post July 03, 2013
    • Are there any plans to support the JWT (JSON web token) format in the Local Development STS? That's what we're using in production and it would make development easier if it were added to the tool.
    • Yes, it is pretty simple.
      JwtSecurityTokenHandler has GA'd and you can read about it here.  If you add it to the collection of security token handlers and set the token requested to JWT it should just work.
      if you have any issues let me know.
  • VS2012 Update 2 & Update 3 CTP
    6 Posts | Last post June 20, 2013
    • Hi Vittorio, 
      As I mentioned in on Twitter, after applying Update 2 to my installation of VS2012 the Identity and Access menu disappears. Is there anything I can check to see why it is not showing up?
    • Ryan, we are looking in the setup data you sent but for the time being there's nothing that stands out (apart from the fact that they refer to Update 3 CTP).
      The update 2 should have no effect on the tool setup, I am wondering if there is anything else at play. Can you please describe in details what verification flow are you using? What is the project that when opened before applying Update 2 was showing the IDA tool and now no longer shows it? 
    • Hey Vittorio,
      I was able to get some more information but I'm not sure if it'll help. On my work laptop with Update 2, I got this from the ActivityLog.xml after VS2012 told me there was an error:
          <time>2013/06/10 19:56:19.673</time>
          <description>SetSite failed for package [IdentityAndAccessVSPackage]</description>
          <hr>80004003 - E_POINTER</hr>
          <errorinfo>Object reference not set to an instance of an object.</errorinfo>
      IDA tool is not working for MVC nor WebForm sites.
      Sorry, it took so long to respond - I didn't get any notification saying that you responded to me.
    • Ryan,
      Can you please double check if the tool is still installed under Tools -> Extensions and Updates ?
      Do you have WIF SDK installed on your machine ? If not, can you please install it and see if that makes a difference ?
      WIF SDK :
    • Ryan,
      Can you please try devenv.exe /ResetSettings ? If that doesn't work, please try the remaining steps mentioned in this post, ?
    • OK, so I hate when this happens because it makes me uneasy, however the "Identity and Access..." started showing up again out of nowhere on my home machine.
      I'll try these steps on my work machine ASAP and report back.
      Thanks for looking into this and providing the suggestions above.
  • Stupid questions
    2 Posts | Last post June 18, 2013
    • Hi sorry for these questions, but it is unclear to me what is the difference between the following options when using the tool:
      1) Enter the APP ID URI (realm) of your application in the providers tab
      2) Enter the APP ID URI (realm) of your application in the configurations tab
      3) Enter the Audience Uri for your application in the configurations tab
      The second question is :
      In the provides tab in the option for 
      Enter the path to the STS metadata document: 
      should I put:
    • Hi Julio,
      Answer for First question : They are all the same with subtle differences in the usages.
       The APP ID URI (realm) in the providers tab is used to create/update the relying party application in ACS. 
       The APP ID URI (realm) in Configuration tab gets updated with the value that is entered in the Providers tab. It is used to update the realm attribute in the wsFederation element in web.config. 
       The Audience Uri is used to update the audienceUris element in web.config, the value of Audience Uri should be the same as the realm. 
      Answer for Second question : Either of the paths could be provided, just make sure that the PassiveRequestorEndpoint element in the FederationMetadata document is where the STS is actually listening at.
11 - 20 of 52 Items