Currently I have 2 relying parties set up on the same ADFS server: one for my web API and one set up for an MVC application. When I get the token for authenticating in the MVC app, I capture this token to send it to my web API for authentication as well. This token does not work for the web API. If I specifically make a new call for that relying party (web API) it will work, so I think that it is set up correctly in ADFS... Is there a configuration issue in ADFS that does not allow the same token to work for both?
Is this even possible?
Is this the wrong architecture in ADFS?
Should I use one relying party for both apps?
You can use Identity Delegation, which helps in scenarios like this where an app calls a service instead of a user.
This similar question has some good resources: Pass ADFS Token to a Service
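As an added illustration of the delegation flow named in the answer (this is not the answerer's code), the MVC app can ask ADFS for a second token that is scoped to the web API relying party, presenting the user's original token in the WS-Trust ActAs element; the ADFS endpoint URL, the web API identifier and the service account are assumptions, and ADFS must also have a delegation authorization rule on the web API relying party that permits the MVC app.

```csharp
using System;
using System.IdentityModel.Protocols.WSTrust;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.ServiceModel;
using System.ServiceModel.Security;

public static class DelegatedTokenClient
{
    // Hypothetical endpoints; replace with your own ADFS server and web API identifier.
    const string AdfsTrustEndpoint = "https://adfs.example.com/adfs/services/trust/13/usernamemixed";
    const string WebApiIdentifier = "https://api.example.com/";

    // Runs inside the MVC app on behalf of the signed-in user. Requires
    // saveBootstrapContext="true" in the app's identity configuration so the
    // token ADFS issued to the MVC relying party is still available here.
    public static SecurityToken GetDelegatedTokenForWebApi(ClaimsPrincipal user, string svcAccount, string svcPassword)
    {
        var bootstrap = ((ClaimsIdentity)user.Identity).BootstrapContext as BootstrapContext;
        if (bootstrap == null || bootstrap.SecurityToken == null)
            throw new InvalidOperationException("No bootstrap token; enable saveBootstrapContext.");

        // The MVC app authenticates to ADFS as itself (here with a service account)...
        var binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        binding.Security.Message.EstablishSecurityContext = false;

        var factory = new WSTrustChannelFactory(binding, new EndpointAddress(AdfsTrustEndpoint))
        {
            TrustVersion = TrustVersion.WSTrust13
        };
        factory.Credentials.UserName.UserName = svcAccount;
        factory.Credentials.UserName.Password = svcPassword;

        // ...and requests a token whose AppliesTo is the web API relying party, with the
        // user's original token in ActAs. The MVC token alone is rejected by the web API
        // because its audience is the MVC relying party; the new token's audience is the
        // web API, and its ActAs claims identify both the delegating app and the user.
        var rst = new RequestSecurityToken
        {
            RequestType = RequestTypes.Issue,
            AppliesTo = new EndpointReference(WebApiIdentifier),
            ActAs = new SecurityTokenElement(bootstrap.SecurityToken),
            KeyType = KeyTypes.Bearer
        };

        IWSTrustChannelContract channel = factory.CreateChannel();
        return channel.Issue(rst);
    }
}
```

The returned token is what the MVC app attaches to its calls to the web API, in place of the token it received for itself.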