How to Hide a Relying Party from AD FS 3.0
If you’ve set up AD FS before, you’ve probably seen this drop-down list that allows your users to select an application to log into. You may also have a particularly troublesome app that doesn’t work with this IdP initiated method of login. Using the steps below, we can hide one or more of the options from the AD FS 3.0 dropdown list.
Using the theming capabilities of AD FS 3.0, we can introduce some JavaScript that removes applications from the list as the page is loaded. I am not a web guy by any means, so my JavaScript isn’t great…but it works. Happy to accept corrections from anyone better than this at me.
Update, 3 Nov 2015: Like clockwork, someone's come up with a better option! Thanks to  for his great solution, it's a lot more slick than my initial approach.
- Create a custom theme:
New-AdfsWebTheme -Name MyCustomTheme -SourceName default
- Download the custom theme
New-Item -Type Directory C:\adfs\MyCustomTheme
Export-AdfsWebTheme -Name default -DirectoryPath C:\adfs\myCustomTheme
- Add the following to line 5 of the
C:\adfs\MyCustomTheme\script\onload.jsfile:
var dropDownList = document.getElementById('idp_RelyingPartyDropDownList');
var itemsToRemove = ['Contoso App2', 'Contoso App3'];
// if we found the dropdown
if (dropDownList) {
// Run through every item flagged for removal
for (var i=0; i < itemsToRemove.length; i++ ) {
// Recurse through each item in the dropdown
for (var j=0; j < dropDownList.length; j++ ) {
// check if the item matches
if ( dropDownList.options[j].text == itemsToRemove[i] ) {
dropDownList.remove(j);
}
}
}
}
- Upload the custom theme to AD FS:
Set-AdfsWebTheme -TargetName MyCustomTheme -AdditionalFileResource @{Uri='/adfs/portal/script/onload.js';path="C:\adfs\MyCustomTheme\script\onload.js"}
- Then activate the custom theme:
Set-AdfsWebConfig -ActiveThemeName MyCustomTheme
Easy as! Now when users load the page, they won’t see the two apps defined above:
Written on October 15, 2015