ADFS with another 3rd Party

  • Question

  • Hello,

    We currently have ADFS 2.0 set up and configured for SSO with Office 365.  It is a single ADFS server and one ADFS Proxy server.  We now have a 3rd party that we want to configure SSO for.  It is a web-based dashboard and the services are external to our network.

    1. Can I configure our existing ADFS environment to process SSO requests for this 3rd party?

    2. Would it be better to set up a 2nd ADFS server (separate farm) to work with this 3rd party?  Would the 2nd ADFS server have any ill effects on the existing ADFS environment?

    3. If I use our existing environment, would I have to set up a new Claims Provider Trust or Relying Party Trust?

    The most important thing is that I cannot interrupt the existing ADFS environment because that will take down their email company-wide, and that is not an option.  :)

    Any help or guidance is very much appreciated.

    Thank you 

    Wednesday, February 8, 2017 3:25 PM

All replies

  • 1. Yes - just add the 3rd party as a CP / RP depending on your use case.

    2. No need.

    3. Yes. Adding these has no effect on ADFS. You don't have to restart, etc.

    Wednesday, February 8, 2017 5:49 PM
  • Thank you for the response.

    Since they are my users (mycompany.com Active Directory) that want to use their AD credentials to authenticate on the 3rd party website/application, I am thinking that I need to set up a Relying Party Trust. Is that correct?

    With setting up a Relying Party Trust, do I get the information from the 3rd party such as the Configure URL and identifiers, is that also correct?

    Thank you again for your help

    Wednesday, February 8, 2017 6:27 PM
  • Yes.

    Easiest is to ask them for their metadata and just import it.

    Wednesday, February 8, 2017 7:35 PM
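
One way to follow the "ask for their metadata and import it" advice above while first checking what the file asks AD FS to trust, shown as an added example that is not code from the thread. The file path and trust name are placeholders, and the script assumes the AD FS 2.0 PowerShell snap-in is installed on the federation server.

```powershell
# Added example: review a vendor's SAML metadata, then import it as a Relying Party Trust.
param(
    [string]$MetadataPath = 'C:\Temp\vendor-metadata.xml',   # placeholder path
    [string]$TrustName    = 'Vendor Dashboard'               # placeholder display name
)

$doc = New-Object System.Xml.XmlDocument
$doc.XmlResolver = $null                                      # do not fetch external DTDs/entities
$doc.Load((Resolve-Path $MetadataPath).ProviderPath)

$ns = New-Object System.Xml.XmlNamespaceManager($doc.NameTable)
$ns.AddNamespace('md', 'urn:oasis:names:tc:SAML:2.0:metadata')
$ns.AddNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#')

$entity = $doc.SelectSingleNode('/md:EntityDescriptor', $ns)
if (-not $entity) { throw 'No EntityDescriptor root element; not single-entity SAML metadata.' }
$sp = $entity.SelectSingleNode('md:SPSSODescriptor', $ns)
if (-not $sp) { throw 'No SPSSODescriptor; the file does not describe a service provider.' }

# This value becomes the relying party identifier in AD FS.
Write-Host "Identifier (entityID): $($entity.GetAttribute('entityID'))"

$problems = @()
foreach ($acs in $sp.SelectNodes('md:AssertionConsumerService', $ns)) {
    $loc = $acs.GetAttribute('Location')
    Write-Host "ACS endpoint: $loc [$($acs.GetAttribute('Binding'))]"
    # Tokens are posted to this URL, so it must be HTTPS and a host the vendor confirms it owns.
    if ($loc -notmatch '^https://') { $problems += "ACS endpoint is not HTTPS: $loc" }
}

foreach ($node in $sp.SelectNodes('md:KeyDescriptor//ds:X509Certificate', $ns)) {
    $bytes = [Convert]::FromBase64String(($node.InnerText -replace '\s', ''))
    $cert  = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList (,$bytes)
    Write-Host "Certificate: $($cert.Subject), thumbprint $($cert.Thumbprint), expires $($cert.NotAfter)"
    if ($cert.NotAfter -lt (Get-Date)) { $problems += "Certificate expired: $($cert.Thumbprint)" }
}

if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    throw 'Metadata review failed; trust not created.'
}

# AD FS 2.0 ships its cmdlets as a snap-in rather than a module.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue
Add-ADFSRelyingPartyTrust -Name $TrustName -MetadataFile $MetadataPath
```

Compare the printed identifier, endpoints and certificate thumbprints with what the vendor sent through a separate channel before running the import. The new trust is created without issuance claim rules, so those still have to be added to match what the vendor's application expects.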