5.12.1 Using Identity Server as an Identity Provider for ADFS

Identity Server can provide authentication for resources protected by an Active Directory Federation Services (ADFS) server. This allows Identity Server to provide single sign-on to Access Manager resources and ADFS resources, such as a SharePoint server. Figure 5-15 illustrates this configuration.

Figure 5-15 Accessing SharePoint Resources with Identity Server

In this scenario, the following events occur:

  1. A user requests access to a SharePoint server protected by the ADFS server.

  2. The resource sends an authentication request to the ADFS server.

  3. The ADFS server, which has been configured to use Identity Server as an identity provider, gives the user the option of logging in to Identity Server.

  4. The user logs in to Identity Server and is provided with a token. The token is sent to the ADFS server and satisfies the resource's authentication request.

  5. The user is allowed to access the resource.

The following sections describe how to configure your servers for this scenario: