Configuring Identity Server
Applies To: Windows Azure Pack
Configuring thinktecture Identity Server for use with Windows Azure Pack is in two phases. First the intitial configuration and feature enablement takes place. Second the website is registered with the identity providers, in this case, Microsoft Account, Facebook and Google.
Configuring the thinktecture Identity Server Website
To Perform Initial Configuration
In a browser, Open the thinktecture Identity Server website and start initial configuration. For more information see Installing Identity Server.
Enter a Site name of your choice, update update Issue URL (change the last part to make it unique), select Certificate and create admin account credentials.
Click the Save button to complete initial configuration.
To Enable Required Features
In a browser, open the thinktecture Identity Server website and select Protocols under the Configuration section. Enable the WS-Federation, Federation Metadata and WS-Trust Protocols.
In the Protocols section, select WS-Configuration and ensure all options selected.
An optional step is to create a fully qualified domain name for the server. This step is optional and only required if the server you are installing Identity Server on doesn’t have a fully qualified domain name assigned to it (external or internal). Google (and other identity providers) won’t allow you to use localhost as a redirect link for your server. At the same time they won’t try to ping the server, so you can use any domain name set in hosts file on your machine.
To Add a Fully Qualified Domain Name (optional)
Open the hosts file in [windir]\System32\Drivers\etc. where [windir] is the installation drive and folder for Windows Server 2012.
Add the required domain name to the bottom as shown in the following diagram.