Receiving WS federation token instead of cookie

Today I had a question for one of my colleague.

Why do we get a WS federation token instead of a cookie token?

Well after some digging, we found out it had something to do with the authentication type which is part of the TokenValidationparameters.

The breakthrough was when we took a look at the source code of the TokenValidationParameters class

https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/blob/dev/src/Microsoft.IdentityModel.Tokens/TokenValidationParameters.cs

Clearly the default was set on federation, we simply fixed this by setting the authentication type on “Cookies”

Solution:

options.TokenValidationParameters = new TokenValidationParameters
{
AuthenticationType = CookieAuthenticationDefaults.AuthenticationScheme
};

Enjoy!