Document Details
Identity Provider Adfs Saml
❌
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Bias Types:
⚠️
windows_tools
⚠️
powershell_heavy
⚠️
windows_first
⚠️
missing_linux_example
Summary:
The documentation page demonstrates a strong Windows bias throughout. All AD FS configuration steps are described using Windows-specific tools such as Server Manager, AD FS Management snap-in, and PowerShell cmdlets. There are no Linux or cross-platform alternatives provided for any step, and all troubleshooting instructions reference Windows event logs and tools. The documentation assumes the administrator is operating in a Windows environment and does not mention or provide guidance for Linux-based AD FS alternatives or SAML identity providers.
Recommendations:
- Provide equivalent instructions for configuring SAML identity providers using non-Windows AD FS alternatives (e.g., Shibboleth, SimpleSAMLphp) commonly used on Linux.
- Include examples of how to generate and manage certificates using Linux tools (e.g., OpenSSL) alongside any Windows-specific instructions.
- Offer guidance on how to view and troubleshoot SAML logs and events using Linux-based tools or generic SAML debugging tools.
- Clearly state at the beginning of the document that the instructions are Windows/AD FS-specific, and link to separate guides for Linux-based SAML providers if available.
- Where PowerShell or Windows GUI steps are given, provide equivalent CLI or configuration file examples for Linux-based SAML providers.
Create pull request
Scan History
| Date | Scan ID | Status | Bias Status |
|---|---|---|---|
| 2025-09-14 00:00 | #111 | completed | ❌ Biased |
| 2025-08-14 00:01 | #80 | in_progress | ❌ Biased |
| 2025-08-13 00:00 | #79 | in_progress | ✅ Clean |
| 2025-07-13 21:17 | #46 | cancelled | ❌ Biased |
| 2025-07-13 21:11 | #45 | cancelled | ✅ Clean |
| 2025-07-13 20:48 | #44 | cancelled | ❌ Biased |
| 2025-07-13 20:32 | #43 | cancelled | ❌ Biased |
| 2025-07-09 13:09 | #3 | cancelled | ✅ Clean |
| 2025-07-08 04:23 | #2 | cancelled | ❌ Biased |
Flagged Code Snippets
<ClaimsProvider>
<Domain>contoso.com</Domain>
<DisplayName>Contoso</DisplayName>
<TechnicalProfiles>
<TechnicalProfile Id="Contoso-SAML2">
<DisplayName>Contoso</DisplayName>
<Description>Login with your AD FS account</Description>
<Protocol Name="SAML2"/>
<Metadata>
<Item Key="WantsEncryptedAssertions">false</Item>
<Item Key="PartnerEntity">https://your-AD-FS-domain/federationmetadata/2007-06/federationmetadata.xml</Item>
</Metadata>
<CryptographicKeys>
<Key Id="SamlMessageSigning" StorageReferenceId="B2C_1A_SAMLSigningCert"/>
</CryptographicKeys>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="userPrincipalName" />
<OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_name"/>
<OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="family_name"/>
<OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="email"/>
<OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name"/>
<OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="contoso.com" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication"/>
</OutputClaims>
<OutputClaimsTransformations>
<OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName"/>
<OutputClaimsTransformation ReferenceId="CreateUserPrincipalName"/>
<OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId"/>
<OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId"/>
</OutputClaimsTransformations>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Saml-idp"/>
</TechnicalProfile>
</TechnicalProfiles>
</ClaimsProvider>