Hello there!

Need Help? We are right here!

miniOrange Support

Thanks for your inquiry.
One of our representatives will get in touch with you shortly via email.

Authenticate Winforms with ADFS
miniOrange provides a ready to use solution for Winforms application. Log in to your Winforms application with ADFS or any other social or enterprise credential store.

Winforms with ADFS using miniOrange

Follow the Step-by-Step Guide given below to integrate your Winforms app with ADFS.

Step 1: Create ADFS as Identity Source in miniOrange

Step 2: Configure miniOrange as relying party in ADFS

Step 3: Creating an external app in miniOrange

Step 4: Integrate in your Winforms App

Creating the Authentication Request token

Customer Key – for creating the final Endpoint URL
App Secret – for creating the token
Customer Token Key – for encrypting the generated token

Creating the Request token:
The request token must be in the following format:{Current_Timestamp_In_Milliseconds}:{App_Secret}
For example:1454392823570:abcdefghijklmnop
NOTE: Each Token is valid for 60 seconds.

When the token is created, you will need to encrypt the token value using the Customer Token Key. Use the following method to encrypt the token:
Encryption method: AES
Operation Mode: ECB
Padding Scheme: PKCS5 Padding

Example JAVA Code for encrypting the token:
public static String encrypt(String text) throws Exception {
		Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
		SecretKeySpec keyspec = 
	new SecretKeySpec("Customer_Token_Key".getBytes(), "AES");

	if (text == null || text.length() == 0)
	throw new Exception("Empty string");
	byte[] encrypted = null;
	try {
	cipher.init(Cipher.ENCRYPT_MODE, keyspec );
	encrypted = cipher.doFinal(text.getBytes());
	} catch (Exception e) {
	throw new Exception("[encrypt] " + e.getMessage());
	return Base64.encodeBase64String(encrypted);
If the Customer Token Key used to encrypt the above token is: klmnopqrstuvwxyz
The encrypted value for the above mentioned token should be:PJm8sn7Q1BYjdu7nXLAoATJOwuCecSxFeEz2MJzQShc=

Once the encrypted token is created, URL encode the encrypted token and append it to the miniOrange endpoint and redirect the user. Here is the final URL where you should redirect the user:
Replace {YOUR_CUSTOMER_KEY} with the Customer Key you have.

Receiving and Verifying the JWT token
The JWT token can be found in Query String Parameter id_token.
For Example, in Java you can get the JWT token like this:
String jwtToken = request.getParameter("id_token");

For verifying the JWT token, you will need the Certificate you downloaded from miniOrange. You can use the open source libraries available on http://jwt.io/ If you are using the library for Java, you can use jose4j library https://bitbucket.org/b_c/jose4j/wiki/Home
You can follow this example of jose4j to verify the JWT token received: https://bitbucket.org/b_c/jose4j/wiki/JWT%20Examples

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com