ADFS 4.0 automatic federated login with SAML 2.0


Currently working on integrating an ADFS solution for the first time for a client request. Our client wants to use the federated login feature provided by their document and email management service NetDocuments, which we need to mimic and support in our own application.

We have set up a local ADFS domain and have reached the point of being able to get our SAML URL request https://domain/adfs/ls/wia?SAMLRequest=..., but from there we cannot handle the SAML response, where an ADFS login page would be presented in a browser to sign in using their network credentials. What we get instead is a response string with the error "Script is disabled. Click Submit to continue" when viewed as HTML.

Once we are able to authenticate the user, we would then receive a code back from NetDocuments that we could use in our app to retrieve tokens for future sign-ins.

Is it possible to programmatically authenticate a user and bypass the ADFS login screen that would be in a browser?

1 answer

rbrayb (accepted answer):

Some confusion here.

SAMLRequest is the SAML 2.0 protocol.

But "we would then receive a code back from NetDocuments that we could use in our app to retrieve tokens for future sign-ins" is OpenID Connect / OAuth Authorisation Code Grant flow.

You can't mix protocols.

Sounds like you need to concentrate on OpenID Connect which ADFS 4.0 supports.

The error you are getting is because SAML 2.0 is browser based and requires browser redirects to work.

Have a look at ADAL which gives you a built-in login screen and uses OpenID Connect.
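The "Script is disabled. Click Submit to continue" text the question sees is the noscript fallback of the HTML form ADFS returns for the SAML 2.0 HTTP-POST binding: a browser auto-submits that form, carrying SAMLResponse and RelayState, to the service provider's assertion consumer URL, which is why the answer says the protocol needs a browser. The following is an added example, not code from the question, the answer or NetDocuments: it parses a constructed copy of such a form and decodes the embedded SAMLResponse to read its status, the step a service provider performs once the IdP has authenticated the user (the form layout, URLs and XML are assumptions built for the example).

```python
import base64
import html
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"


class _AutoPostForm(HTMLParser):
    """Collect the action URL and hidden inputs of the first <form> on the page."""

    def __init__(self):
        super().__init__()
        self.action = None
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form" and self.action is None:
            self.action = a.get("action")
        elif tag == "input" and a.get("type") == "hidden" and a.get("name"):
            self.fields[a["name"]] = a.get("value", "")  # HTMLParser unescapes &amp; etc.


def parse_autopost_form(page):
    """Return (action_url, hidden_fields) from an ADFS-style auto-POST page."""
    p = _AutoPostForm()
    p.feed(page)
    return p.action, p.fields


def saml_response_status(saml_response_b64):
    """Decode the base64 SAMLResponse and return its StatusCode URI (None if absent)."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    if root.tag != f"{{{SAMLP}}}Response":
        raise ValueError("not a samlp:Response")
    code = root.find(f"{{{SAMLP}}}Status/{{{SAMLP}}}StatusCode")
    return code.get("Value") if code is not None else None


# Constructed sample: a minimal samlp:Response (no assertion) wrapped in an
# ADFS-style auto-submitting form. Real responses are signed and carry an Assertion.
SAMPLE_RESPONSE_XML = (
    f'<samlp:Response xmlns:samlp="{SAMLP}" ID="_example" Version="2.0" '
    'IssueInstant="2018-01-01T00:00:00Z" Destination="https://sp.example/acs">'
    '<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>'
    '</samlp:Status></samlp:Response>'
)
SAMPLE_B64 = base64.b64encode(SAMPLE_RESPONSE_XML.encode()).decode()
SAMPLE_PAGE = f"""<html><head><title>Working...</title></head>
<body><form method="POST" name="hiddenform" action="https://sp.example/acs">
<input type="hidden" name="SAMLResponse" value="{SAMPLE_B64}" />
<input type="hidden" name="RelayState" value="{html.escape('app=docs&x=1')}" />
<noscript><p>Script is disabled. Click Submit to continue.</p>
<input type="submit" value="Submit" /></noscript></form>
<script language="javascript">window.setTimeout('document.forms[0].submit()', 0);</script>
</body></html>"""

if __name__ == "__main__":
    action, fields = parse_autopost_form(SAMPLE_PAGE)
    print(action, fields["RelayState"], saml_response_status(fields["SAMLResponse"]))
```

Reading the status this way only tells a service provider whether the IdP reported success; a real consumer must still verify the XML signature and the assertion's audience and validity window before trusting it.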