AD FS should support user consent options
AD FS should support a user consent option besides the now provided admin consent only.
We'd like to use AD FS as a Federation Service with external parties, which is possible for single external targets, but not for bigger federations like InCommon, SWITCH or similar, since an admin cannot decide, which attributes a user wants to release to an service provider. Especially not, when the users (as in our case) are students and employees.
Other implementations of federatet authentication such as Shibboleth 3 or Thinktecture Identity Server 3 do support user consent. Online Authentication providers (Facebook, Live, Google, etc.) also support that - it would be good to see this in ADFS, too.
Did you find out how to have a consent implemented in AD DS? I have the same issue (students and employes...)