Security Encyclopedia

Active Directory Federation Services (ADFS)

Active Directory Federation Services is a Microsoft software component that runs on Windows Server operating systems. It provides users with single sign-on access to systems and applications that are incapable of using Integrated Windows Authentication (IWA) via Active Directory (AD). Identity federation is established between two organizations by setting up trust between two security domains.

A federation server on one side authenticates the user through the standard methods in ADFS and then issues a token containing a series of claims about the user, including their identity. On the other side, the resources side, another federation server validates the token and issues another token for the local servers to accept the claimed identity. This enables a system to give controlled access to its resources or services to a user that resides in another security domain without requiring the user to authenticate directly to the system, and without the two systems sharing a database of user identities or passwords.
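The two-sided exchange described above, as an added Python example that is not Microsoft's code and does not use the real ADFS token format. Assumptions: all server names and keys are constructed, and an HMAC key stands in for the X.509 token-signing certificate a real federation server uses.

```python
import base64, hashlib, hmac, json, time

# Constructed names and keys (assumptions). HMAC stands in for the X.509
# token-signing certificate; this is not the SAML/WS-Federation wire format.
ACCOUNT_STS, RESOURCE_STS, APP = "sts.account.example", "sts.resource.example", "app.resource.example"
ACCOUNT_KEY, RESOURCE_KEY = b"constructed-account-key", b"constructed-resource-key"

def _sign(key, payload):
    return base64.urlsafe_b64encode(hmac.new(key, payload, hashlib.sha256).digest())

def issue_token(issuer, key, audience, claims, ttl=300, now=None):
    """Issue a signed token carrying claims about the user."""
    now = time.time() if now is None else now
    body = {"iss": issuer, "aud": audience, "exp": now + ttl, "claims": claims}
    payload = json.dumps(body, sort_keys=True).encode()
    return (base64.urlsafe_b64encode(payload) + b"." + _sign(key, payload)).decode()

def validate_token(token, trusted_issuers, audience, now=None):
    """Return the token body, or raise PermissionError if any check fails."""
    now = time.time() if now is None else now
    try:
        b64, sig = token.split(".")
        payload = base64.urlsafe_b64decode(b64)
        body = json.loads(payload)
    except ValueError:
        raise PermissionError("malformed token")
    if not isinstance(body, dict):
        raise PermissionError("malformed token")
    key = trusted_issuers.get(str(body.get("iss")))  # trust is configured per issuer
    if key is None:
        raise PermissionError("untrusted issuer")
    if not hmac.compare_digest(sig.encode(), _sign(key, payload)):
        raise PermissionError("bad signature")
    if body.get("aud") != audience or body.get("exp", 0) < now:
        raise PermissionError("wrong audience or expired")
    return body

def resource_side_exchange(inbound, now=None):
    """Resource federation server: validate the partner token, issue a local one."""
    body = validate_token(inbound, {ACCOUNT_STS: ACCOUNT_KEY}, RESOURCE_STS, now)
    return issue_token(RESOURCE_STS, RESOURCE_KEY, APP, body["claims"], now=now)

def app_accepts(local_token, now=None):
    """The application trusts only the federation server in its own domain."""
    return validate_token(local_token, {RESOURCE_STS: RESOURCE_KEY}, APP, now)["claims"]
```

The application never sees the account domain's key or user database; it only checks the token issued by the federation server in its own domain.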


"Our company migrated our ADFS from on-premise to Azure to achieve high availability and we found that you can easily deploy ADFS on Microsoft Azure IaaS. It works great."


Source: Microsoft