Find token signing thumbprint

If Powerframe is installed you can run the command Get-PFADFSThumbprint to get the thumbprint from the ad fs token singning certificate. If not you can import the function bellow.

function Get-AdfsThumbprint($adfsServer)
{
    $adfsUrl = "https://{0}/FederationMetadata/2007-06/FederationMetadata.xml" -f $adfsServer
    $webClient = New-Object System.Net.WebClient
    [xml]$federationMetadata = $webClient.DownloadString($adfsUrl)
    $return = @()
    $signInfo = $federationMetadata.EntityDescriptor.SPSSODescriptor.KeyDescriptor |? { $_.use -eq "signing" }
    $signInfo |% {
        $x509Data = $_.KeyInfo.X509Data.X509Certificate
        $binData = [Convert]::FromBase64String($x509Data)
        $x509Certificate = new-object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList @(,$binData)
        $return += $x509Certificate.Thumbprint
    }
    return $return
}

You call the function like this

Get-AdfsThumbprint "authx3.dev.zipper.se"