When configured to use an external ID provider (e.g. ADFS in our case), Adxstudio does not handle identity management functions such as creating user accounts in that external ID provider. When an external ID is authenticated and logged on to the Portal for the first time, Adxstudio automatically creates a new Contact record and associates it with the external ID.
Sometime you may want to customise this process. For example, you may want to do something like this:
- Create the Contact record first upon registration request
- Email user to confirm email address
- Provision user account in ADFS once user has confirmed email address (password may also be provided at this point)
- Link Contact record to ADFS account
Step 4 would require you to make appropriate update to the Contact record so that the Adxstudio Portal web app (the MVC app) can establish the link between the Contact record and the currently logon identity.
In order to achieve this you would need to update the following fields on the Contact record:
|Username (adx_identity_username)||The ADFS account username, e.g. mydomain\user1|
|Login Enabled (adx_identity_logonenabled)||True|
|Security Stamp (adx_identity_securitystamp)||A GUID – seems that any GUID will do|
|Profile Modified On (adx_profilemodifiedon)||If a value is not specified, the user will be taken to the Profile page upon login.|
You also need to create an External Identity (adx_externalidentity) record and associate it with the Contact.
The fields for this record are:
|Contact (adx_contactid)||The associated Contact record|
|Username (adx_username)||The ADFS account username, e.g. mydomain\user1|
|Identity Provider (adx_identityprovidername)||As we were using ADFS, we set this value to be the same as the value for the Authentication/WsFederation/ADFS/AuthenticationType Site Setting in CRM.|
Also note that Adxstudio adds a new form for the Contact entity in CRM, namely Portal Contact. You can use this form to view and update the fields above.