Active Directory Federation Services (ADFS) is a Microsoft service that provides single sign-on (SSO) and access control capabilities for web applications that are not hosted in the cloud. ADFS enables users to use their organizational credentials to access web applications that are hosted outside of their organization's network.
Here are some of the things that ADFS can do:
- Federation: ADFS enables organizations to establish trust relationships with other organizations, so users can access resources that are shared across multiple organizations.
- SSO: ADFS provides a seamless sign-in experience for users, allowing them to access multiple web applications with a single set of credentials.
- Authentication: ADFS supports a range of authentication methods, including user name and password, smart cards, and multifactor authentication.
- Authorization: ADFS enables administrators to define policies that control access to applications and resources based on user roles, group membership, or other criteria.
- Security: ADFS provides security features such as encryption, digital signatures, and token-based authentication to help protect user credentials and prevent unauthorized access.
Overall, ADFS is a tool that can help organizations extend their identity and access management capabilities to web applications that are hosted outside of their network. By enabling SSO and access control for external web applications, ADFS can improve user productivity and simplify the administration of user access to resources