0 introduction, 1 scope of document, Introduction – HID Microsoft ADFS and ActivID AS using SAML User Manual

ActivID Appliance 7.2 and AD FS | integration Handbook | ADFS

External Release | © 2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved.

Page 3

1.0

Introduction

Microsoft® Active Directory Federation Services AD FS is an identity access solution that provides browser-based
clients (internal or external to your network) with seamless, "one prompt" access to one or more protected
Internet-facing applications, even when the user accounts and applications are located in completely different
networks or organizations.

The process of authenticating to one network while accessing resources in another network—without the burden
of repeated logon actions by users—is known as single sign-on (SSO). AD FS provides a Web-based, SSO
solution that authenticates users to multiple Web applications over the life of a single browser session.

Providing secure “one prompt” access via a web application over existing Internet connections requires strong,
two-factor authentication to protect resources.

The ActivID® Appliance works with the Microsoft AD FS solution to provide versatile, strong authentication that is
flexible, scalable, and simple to manage.

1.1

Scope of Document

This document explains how to configure ActivID Appliance and Microsoft AD FS using Security Assertion Markup
Language (SAML). SAML 2.0 enables Web-based authentication and authorization and can be used by Microsoft
AD FS to delegate user authentication to the ActivID® Appliance.

This option is simple and allows users to authenticate to the ActivID® Appliance authentication portal which has
multiple authentication mechanisms working out of the box, including one-time password (OTP), Web soft token
OTP, and Public Key Infrastructure (PKI) methods.