I’m fiddling with web services that uses claims based authentication, and spend a few hours banging my head against the wall with this scenario.
Image you have the following code
Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was 'admin.wingu.dk' but the remote endpoint provided DNS claim 'wingu.dk'. If this is a legitimate remote endpoint, you can fix the problem by explicitly specifying DNS identity 'wingu.dk' as the Identity property of EndpointAddress when creating channel proxy.
m using a wildcard certificate on the webserver and I guess that’s what confusing things. Some people claim you can fix this by setting the host identity on the web service binding on the server, but that didn’t seem to work for me. but doesn’t matter, the error it self explains what to do. Explicitly specify the identity. so the code becomes
And everything works like a charm.
Note if using CreateChannelWithIssuedToken() and supply nothing or an illegal token, you will get back.
The address of the security token issuer is not specified. An explicit issuer address must be specified in the binding for target 'http://admin.wingu.dk/CloudAPI/ClaimsCloudAPI.svc' or the local issuer address must be configured in the credentials.
So make sure the token your testing with is valid.