Important Note
Benefits of ADFS
ADFS is a Microsoft software component that can run on Windows Server operating systems. It is an identity access solution that provides internal or external browser-based customers with seamless, one-prompt access to one or more protected internet-facing applications, even when the user accounts and applications exist in different networks or organizations. ADFS uses a claims-based access-control authorization model.
In ADFS, a federation server on the account side authenticates the user through the standard means in Active Directory Domain Services and then issues a token containing a series of claims about the user, including its identity. On the resources side, another federation server validates the token and issues another token for the local servers to accept the claimed identity. This process allows a system to provide controlled access to its resources or services to a user that belongs to another security realm without requiring the user to authenticate directly to the system and without the two systems sharing a database of user identities or passwords.
Requirements
- Publicly accessible ADFS server via FQDN
-
ADFS 4.0 (the version that comes with Windows Server 2016) or ADFS 5.0 (Windows Server 2019)
- See Microsoft’s requirements to learn more
- CivicPlus does not support the setup of ADFS or the implementation of any ADFS requirements
- Users must have an Active Directory email with the following:
- An organizationally unique domain ([user]@[city].com)
- Non-organizationally unique emails ([user]@gmail.com) can be used to log in to CivicPlus but cannot be integrated with an ADFS logon
- To ensure ADFS 4.0 log-out works, you must have the KB4038801 installed because CivicPlus uses frontchannel_logout, which only works after installation of this update, per Microsoft's documentation
Contact Support or your Customer Success Manager for more information.
Article Glossary
- ADFS: Active Directory Federated Services
- FQDN: Fully Qualified Domain Name
Comments
Let us know what was helpful or not helpful about the article.0 comments
Please sign in to leave a comment.