Skip to main content
Skip table of contents

What are Active Directory Federation Services

Microsoft's traditional Active Directory technology stores usernames and passwords and uses them to manage and secure access to computers on a Windows domain. It also provides SSO access to corporate applications. AD Federation Services builds upon this functionality to authenticate users on third-party systems, such as another company's extranet or a service hosted by a cloud provider.

Through SSO capabilities, AD FS can authenticate a user to different, related web apps during a single online session. AD FS shares the user's identity and access rights, also known as claims, across the organization's security boundaries. When users attempt to access a certain web app from one of their trusted business partners -- also known as a federation -- their organization must authenticate the employee's identity information via claims to the host of the web app. The host can then make authorization decisions based on the claims.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.