Feature Friday: Integration with ADFS
Behind the scenes, we are working hard on our Intelligent Data Protection Platform. To keep you informed of all developments, we will share a new or updated feature every Friday in our “Feature Friday.” We recently made integrations possible with the use of an API. This Friday we will discuss one of our latest integrations: Active Directory Federation Services (ADFS).
What is ADFS?
ADFS is a Single Sign-On (SSO) solution created by Microsoft. As a component of Windows Server operating systems, it provides users with authenticated access to applications that are not capable of using Integrated Windows Authentication (IWA) through Active Directory (AD). In other words: it enables users to log in easily in applications used by the organization, by making authentication obliged only the first a user logs in. Whenever a user uses applications within the organization, there is no need to log in again. Therefore, a user will always work safely and easily in a secure environment.
How does Single Sign-On (SSO) work?
Authentication with Single Sign-On relies on a trust relationship between domains. In short, this is what happens:
- The application first checks to see whether you’ve already been authenticated by the SSO solution, in which case it gives you access. If you haven’t, it sends you to the SSO solution to log in.
- You enter the single username/password that you use for corporate access. The SSO solution requests authentication from the identity provider or authentication system that your company uses. It verifies your identity and notifies the SSO solution.
- The SSO solution passes authentication data to the application and returns you to that application.
- After login, the site passes authentication verification data with you as you move through the application to verify that you are authenticated each time you go to a new environment within the application.
ADFS and SmartLockr
ADFS details need to be configured in the admin portal, where the right settings have to be done. Once configured, the user will be re-directed to the ADFS page to log in:
The integration with ADFS establishes more secure and faster logins. This means that the use of SmartLockr will be safer and easier also – after the first authentication you will be recognized and therefore don’t need to log in with every visit.