ADFS authentication redirection to claim provider trusts on configured IP addresses

  • Question

  • Hi,

    How can we configure an ADFS server to redirect user authentication to another ADFS server (claim provider trust) based on client IP?

    Details of the scenario:

    We have an ADFS server (ABC ADFS server) and one application added as a relying party trust on ADFS. Now, 2 more ADFS servers (XYZ & PQR ADFS servers) are added as claim provider trusts in the ABC ADFS server. When a user tries to authenticate against ADFS, it should be redirected to the XYZ or PQR ADFS server based on the IP addresses configured in the ABC ADFS server.

    For example, if the client IP address is 10.75.100.200, it should be redirected to XYZ ADFS.

    Are there any ways in ADFS to redirect the request to another IdP, which has been added as a claim provider trust, based on the client IP address?

    Friday, August 26, 2016 8:30 AM

Answers

  • You cannot redirect users based on network information at the ADFS level. You can do it at the network level, though, since in most federation scenarios the client is responsible for establishing the connection with the different parties (so you could trick the network at its level). You could do it via DNS or via your geographical-based load balancer. You can have a look at Azure Traffic Manager, as it offers similar capabilities.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Friday, August 26, 2016 2:24 PM