How to get the email and name from Azure ACS?

I'm using the Azure ACS, and I've been looking for away to get the email and name from the SAML 2.0 response or something开发者_StackOverflow.

But I dont see any options for it, I redirect the user to localhost:8000/acc/completesigninup/

There I have the XML from the FormCollection object, I see the Email and Name in the xml but I'm not sure how to get it. Is there a parser that's included in the Identity dll to get that info?

Since you are mentioning of FormCollection I assume you are programming in windows with .Net. Then the easiest thing would be using WIF (http://msdn.microsoft.com/en-us/security/aa570351).

This way you don't have to parse the token, validate it, set the User Identity, and then create a cookie representing the information from the token.

WIF, once you install and configure it (its SDK comes with a Visual Studio extension to do this), will do these for you automatically.

You can look at some samples using WIF with MVC. One sample is ACS with MVC3 which you can find at:

http://msdn.microsoft.com/en-us/library/hh127794.aspx

Once you do this in your controllers you can access to user's identity and get the claim values e.g.:

((IClaimsPrincipal)HttpContext.User).Identity.Claims.FirstOrDefault(c => c.ClaimType == ClaimTypes.Email)

Note that Windows Live IDP in ACS will NOT give out e-mail addresses of users as claims due to Windows Live privacy policy.

Atacan is correct about everything but one detail: There appears to be a way to get the desired information from Windows Live, but it's different than the way used for Google, Facebook, and Yahoo accounts. The JavaScript Windows Live API includes support for getting information like the user's first name (link).

I haven't tried this, so I don't know what else is required, but that may be what you're looking for.