ADFS Custom 401 Error Page for denied Access

Hi derSchweiger,

Yes, the steps I provided apply to the newest ADFS version (4.0). However, I apologize for the confusion about the "Claims Provider Trust" dialog box.

If the "Properties" option is grayed out for you, it is because you are trying to edit a built-in claims provider. Built-in claims providers cannot be edited. You need to create a new claims provider trust and then configure it to use your custom error page.

To create a new claims provider trust in ADFS, follow these steps:

1. Open the ADFS Management Console.

2. Go to Trust Relationships > Claims Provider Trusts.

3. Click Add Claim Provider Trust.

4. On the Welcome page, click Start.

5. On the Select Data Source page, select Enter data about the claims provider manually.

6. On the Specify Claim Provider Type page, select the type of claims provider that you want to create.

7. On the Specify Claim Provider Details page, enter the following information:

   • Claim provider name: The name of the claims provider.
   • Claim provider identifier: The identifier of the claims provider. This is a unique value that is used to identify the claims provider to ADFS.
   • Metadata URL: The URL of the claims provider's metadata. This is optional, but it is recommended.
   • Supported identity types: The types of identities that the claims provider supports.

8. On the Configure Claims Issuance page, select the claims that you want to issue to users when they authenticate to the claims provider.

9. On the Configure Claims Acceptance page, select the claims that you want to accept from the claims provider.

10. On the Relying Party Trusts page, select the relying party trusts that you want to trust the claims provider.

11. On the Ready to Add Trust page, review the settings and then click Add.

Once you have created a new claims provider trust, you can configure it to use your custom error page by following the steps in my previous response.