Microsoft Active Directory Federated Services (AD FS)

Network administrators manage permissions and control access to network resources using the Microsoft Active Directory Federated Services directory service. Active Directory uses objects categorized by their names and attributes to store users, groups, applications, and device data.

Note

Synchronizing Users and User Groups is not supported with AD FS.

Note

Inbound web access through the firewall to the AD FS server is required for application and network authentication to function.

Microsoft AD FS offers two types of SSO methods.

• OpenID Connect (OIDC): This open authentication protocol works on top of the Open Authorization (OAuth) 2.0 framework.

  For more information on OIDC SSO, see Set up Microsoft Entra ID with Open ID Connect Integration.

• Security Assertion Markup Language (SAML): This is an open standard for exchanging authentication and authorization data between an identity provider and a service provider.
  

  Note

  Secure Network Access is not supported with SAML 2.0.
  

  Note

  Secure Network Authentication is not supported with SAML 2.0.

  For more information on SAML Connect SSO, see Configure Microsoft Entra ID - SAML.