
ADFS integration

What is AD FS (Active Directory Federation Services)?

Active Directory Federation Services (AD FS) is a Single Sign-On (SSO) solution developed by Microsoft that allows organizations to authenticate users across different applications and systems, both on-premises and in the cloud.

Key Points:

  • Federation Service: Provides identity federation between an organization's Active Directory and external systems or service providers.

  • SSO (Single Sign-On): Enables users to log in once and access multiple applications without needing to re-enter credentials.

  • Claims-Based Authentication: AD FS uses claims (user attributes) for authentication and authorization instead of traditional credentials.

  • Protocols Supported:

    • WS-Federation: Microsoft’s proprietary protocol for web-based SSO.

    • SAML 2.0: An open standard for cross-domain authentication.

    • OAuth 2.0/OpenID Connect: Modern protocols for API and app authentication.

  • Integration: Often used with Microsoft services such as Exchange OWA and SharePoint, as well as third-party applications.

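This integration configures login to Exchange OWA through AD FS, with Hideez Identity Cloud as the Identity Provider. Exchange OWA federates with AD FS over the WS-Federation protocol, and AD FS in turn federates with Hideez Identity Cloud over SAML 2.0 (3-tier architecture: Exchange OWA → WS-Federation → AD FS → SAML 2.0 → Hideez Identity Cloud).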
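
A read-only check of the AD FS side of the chain described above, as an added example that is not part of the Hideez documentation. It assumes the external IdP is registered in AD FS as a claims provider trust and Exchange OWA as a relying party trust; both trust names and the 30-day expiry threshold are placeholders chosen for illustration.

```powershell
# Added example: read-only audit of the two AD FS trusts. Run on an AD FS server.
Import-Module ADFS

# Placeholders (assumptions): use the trust names from your own AD FS configuration.
$IdpTrustName = '<claims provider trust for Hideez Identity Cloud>'
$OwaTrustName = '<relying party trust for Exchange OWA>'
$findings = [System.Collections.Generic.List[string]]::new()

# Leg AD FS -> Hideez Identity Cloud (SAML 2.0): the external IdP is a claims provider trust.
$idp = Get-AdfsClaimsProviderTrust -Name $IdpTrustName -ErrorAction SilentlyContinue
if (-not $idp) {
    $findings.Add("Claims provider trust '$IdpTrustName' not found")
} else {
    if (-not $idp.Enabled) { $findings.Add('IdP trust is disabled') }
    if ($idp.SignatureAlgorithm -notmatch 'sha256$') {
        $findings.Add("IdP trust does not use SHA-256 signatures: $($idp.SignatureAlgorithm)")
    }
    if ("$($idp.SigningCertificateRevocationCheck)" -eq 'None') {
        $findings.Add('Revocation checking is off for the IdP signing certificate')
    }
    # Flag IdP signing certificates that are expired or close to expiry.
    foreach ($cert in $idp.TokenSigningCertificates) {
        $daysLeft = ($cert.NotAfter - (Get-Date)).Days
        if ($daysLeft -lt 30) {
            $findings.Add("IdP signing certificate $($cert.Thumbprint) expires in $daysLeft days")
        }
    }
}

# Leg Exchange OWA -> AD FS (WS-Federation): OWA is a relying party trust.
$owa = Get-AdfsRelyingPartyTrust -Name $OwaTrustName -ErrorAction SilentlyContinue
if (-not $owa) {
    $findings.Add("Relying party trust '$OwaTrustName' not found")
} else {
    if (-not $owa.Enabled) { $findings.Add('OWA relying party trust is disabled') }
    if (-not $owa.WSFedEndpoint) {
        $findings.Add('OWA trust has no WS-Federation passive endpoint')
    } elseif (([uri]$owa.WSFedEndpoint).Scheme -ne 'https') {
        $findings.Add("OWA WS-Federation endpoint is not HTTPS: $($owa.WSFedEndpoint)")
    }
}

if ($findings.Count -eq 0) { 'No findings for the two trusts checked.' } else { $findings }
```

The script changes nothing in AD FS; it only reads the two trust objects and reports settings that weaken or break either leg of the chain.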

Advantages:

  1. Leverages existing AD FS infrastructure: If AD FS is already installed and configured, this option allows you to use the existing infrastructure without additional setup or changes.

  2. Integration with other Microsoft applications: If the organization already integrates other Microsoft products via AD FS, this option allows centralized authentication management for all applications, including Exchange OWA and others.

  3. Centralized access policy management: With AD FS in place, you can manage access policies and security measures centrally, ensuring consistent enforcement across all integrated services, including Hideez Identity Cloud.

  4. Enhanced security: AD FS can be configured with additional security features like MFA, enhancing access protection for all connected resources.

  5. Convenient for organizations already using AD FS: This option is ideal for organizations with established AD FS configurations, allowing easy integration of Hideez Identity Cloud as an external identity provider without major infrastructure changes.


Last updated 5 months ago

For more details, refer to the official Microsoft documentation on Active Directory Federation Services (AD FS).