1
votes

I have followed the instructions at https://technet.microsoft.com/en-us/library/mt593305.aspx to set up ADFS on Windows Server 2016 for OpenID Connect. I then configured an ASP.NET Core application to authenticate with this server. Sign-in works fine, except that I had to add a redirect URI that included "/signin-oidc" to get it to recognize my app.

The problem I am having is that I have no claims for the users group in AD and cannot use the Authorize attribute with parameters. When an action is called that uses this attribute, the browser is redirected to the ADFS endpoint, but an error is returned that the request could not be completed. Am I doing something wrong, or is ADFS not an option for this scenario?

1
Thanks. I will look into that but that doesn't answer my question. - David Newberry

1 Answer

3
votes

The ASP.NET team recommends using IdentityServer (https://github.com/IdentityServer/IdentityServer4) for ASP.NET Core 1. This project is well known, very stable and organized by Dominick Baier, a well-known security guy and 11-time Microsoft MVP for ASP.NET.