Document Details
Identity Provider Adfs Saml
❌
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Bias Types:
⚠️
windows_tools
⚠️
powershell_heavy
⚠️
windows_first
⚠️
missing_linux_example
Summary:
The documentation demonstrates a strong Windows bias by exclusively referencing Windows tools (Server Manager, AD FS Management snap-in, Event Viewer), providing only PowerShell command examples for configuration, and omitting any mention of Linux or cross-platform alternatives for AD FS management or troubleshooting. All step-by-step instructions assume a Windows environment, with no guidance for Linux administrators.
Recommendations:
- Provide equivalent instructions or notes for environments where AD FS is accessed remotely or managed via non-Windows systems (e.g., via REST APIs, if available, or using cross-platform tools).
- Include references to any available cross-platform AD FS management tools or clarify that AD FS is a Windows-only technology, but highlight how Linux administrators can interact with it (e.g., via browser-based management, remote PowerShell from Linux, or REST endpoints).
- Where PowerShell is used, mention if and how PowerShell Core (pwsh) on Linux/macOS can be used, or provide alternative command-line examples if possible.
- For certificate creation and management, include Linux-based commands (e.g., using OpenSSL) alongside Windows-centric instructions.
- Explicitly state the Windows-only nature of certain steps, and provide guidance for mixed-environment teams (e.g., how a Linux admin can coordinate with a Windows admin for AD FS configuration).
Create pull request
Scan History
| Date | Scan ID | Status | Bias Status |
|---|---|---|---|
| 2025-09-14 00:00 | #111 | completed | ❌ Biased |
| 2025-08-14 00:01 | #80 | in_progress | ❌ Biased |
| 2025-08-13 00:00 | #79 | in_progress | ✅ Clean |
| 2025-07-13 21:17 | #46 | cancelled | ❌ Biased |
| 2025-07-13 21:11 | #45 | cancelled | ✅ Clean |
| 2025-07-13 20:48 | #44 | cancelled | ❌ Biased |
| 2025-07-13 20:32 | #43 | cancelled | ❌ Biased |
| 2025-07-09 13:09 | #3 | cancelled | ✅ Clean |
| 2025-07-08 04:23 | #2 | cancelled | ❌ Biased |
Flagged Code Snippets
<ClaimsProvider>
<Domain>contoso.com</Domain>
<DisplayName>Contoso</DisplayName>
<TechnicalProfiles>
<TechnicalProfile Id="Contoso-SAML2">
<DisplayName>Contoso</DisplayName>
<Description>Login with your AD FS account</Description>
<Protocol Name="SAML2"/>
<Metadata>
<Item Key="WantsEncryptedAssertions">false</Item>
<Item Key="PartnerEntity">https://your-AD-FS-domain/federationmetadata/2007-06/federationmetadata.xml</Item>
</Metadata>
<CryptographicKeys>
<Key Id="SamlMessageSigning" StorageReferenceId="B2C_1A_SAMLSigningCert"/>
</CryptographicKeys>
<OutputClaims>
<OutputClaim ClaimTypeReferenceId="issuerUserId" PartnerClaimType="userPrincipalName" />
<OutputClaim ClaimTypeReferenceId="givenName" PartnerClaimType="given_name"/>
<OutputClaim ClaimTypeReferenceId="surname" PartnerClaimType="family_name"/>
<OutputClaim ClaimTypeReferenceId="email" PartnerClaimType="email"/>
<OutputClaim ClaimTypeReferenceId="displayName" PartnerClaimType="name"/>
<OutputClaim ClaimTypeReferenceId="identityProvider" DefaultValue="contoso.com" />
<OutputClaim ClaimTypeReferenceId="authenticationSource" DefaultValue="socialIdpAuthentication"/>
</OutputClaims>
<OutputClaimsTransformations>
<OutputClaimsTransformation ReferenceId="CreateRandomUPNUserName"/>
<OutputClaimsTransformation ReferenceId="CreateUserPrincipalName"/>
<OutputClaimsTransformation ReferenceId="CreateAlternativeSecurityId"/>
<OutputClaimsTransformation ReferenceId="CreateSubjectClaimFromAlternativeSecurityId"/>
</OutputClaimsTransformations>
<UseTechnicalProfileForSessionManagement ReferenceId="SM-Saml-idp"/>
</TechnicalProfile>
</TechnicalProfiles>
</ClaimsProvider>