1. Hi Brian, very nice article really clear with the pictures. The branding looks very nice! I surely will implement this at customer this week.

    Question i have, you mention ‘ user_hint ‘ can you ellaborate more on this? How can we use this or send an user_hint? We use smart links for internal sso but this user_hint would be nice for extranet users.

    1. It’s application specific, and I think Open ID Connect also calls it login_hint. Smart links (I.e. longer URL or 301 redirect services do similar) and it all falls into the same category as domain_hint for redirecting directly to ADFS and not going via Home Realm Selection on the AzureAD login portal

  2. That’s pretty cool just applied it in my lab. applied the same illustration and logo to the Azure AD Portal, so when using Azure MFA with ADFS 4 you get the same look and not just the same feel.

    1. Or make use of the AzureAD branding that you get with AzureAD Basic, or AzureAD Premium or Office 365 licences and then the Azure MFA etc pages match your branding and illustration rather than taking Microsoft’s graphic, which might be copyright anyway!

  3. Very specific instructions, I was able to follow them and make the change to my lab AD FS via RDP from my iPad in about 10mins. I couldn’t get the js minimizer to download the new files but this was just for a lab anyway.

  4. Hi,

    I was wondering if you could help me out. You mention the generic avatar, but I can’t find where in the js file it mentions that (line 724 for me is ” backButton.id = “backButton”;” – what text should I be looking for?) – to display the generic avatar, do I have to host the avatar file (https://github.com/Microsoft/adfsWebCustomization/blob/master/centeredUi/images/empty_user.png) somewhere? At the moment our ADFS server (with the centeredUI enabled) does not show the grey box and avatar icon around the username on the password page (I am using the paginatedOnload.js), seems like I’m missing something 🙁

    Is it possible for the js to pull the thumbnailphoto from AD for the avatar image?

    Thanks for any help!

  5. how would you Accept SAM-account name as a login format on the ADFS form-based password update page? i can’t get it to work.

    1. You use “DOMAIN\samAccountName” style login. ADFS is on a server that is in DOMAIN or in any domain in that forest or in any domain that there exists a trust to.

  6. Hi,
    If we have multiple Claims Provider, than is it possible to skip asking password, instead Once the user enterred the UPN, based on the HRD customization, it would need to redirect to claims provider trust 🙂


    1. So this article just covers Microsoft’s centered UX experience and not any further code development of the forms signing pages. The link to the github repository includes more on customization of the code

Leave a comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.