Integrate Active Directory Federation Service (AD FS)
Learn more about integrating Active Directory Federation Service (AD FS) with EAA.
Active Directory Federation Services (AD FS) is software installed on a Microsoft Windows Server operating system. It provides single sign-on (SSO) and identity management, allowing authorized users to access multiple applications located on-premises or in the cloud.
Integrating AD FS with EAA allows users to create applications inside EAA that are authenticated with AD FS. You can deploy an EAA application that uses your newly created AD FS identity provider (IdP). When you access this application, you are redirected to your AD FS server to complete authentication.
Prerequisites:
- Select a fully qualified domain name (FQDN) for your AD FS portal, for example, https://<federation-service-name>/adfs/ls, where <federation-service-name> is of the form adfs.yourdomain.com.
- Install and configure AD FS on a Microsoft Windows operating system (2016 version).
- To send simple LDAP attributes like the user's email, see Send simple LDAP attributes from AD FS to EAA.
- To send complex LDAP attributes like the user's group membership, see Send complex attributes like group membership from AD FS to EAA.