Active Directory Federation Services

Active Directory Federation Services (ADFS), a software component developed by Microsoft, can run on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries. It uses a claims-based access-control authorization model to maintain application security and to implement federated identity.^[1] Claims-based authentication involves authenticating a user based on a set of claims about that user's identity contained in a trusted token. Such a token is often issued and signed by an entity that is able to authenticate the user by other means, and that is trusted by the entity doing the claims-based authentication.^[2] It is part of the Active Directory Services. Microsoft advises using Entra ID and Azure AD Connect in place of ADFS in most cases.^[3]

^ "Introducing ADFS 2.0". Microsoft TechNet. May 2, 2010. Retrieved March 2, 2017.
^ "An Introduction to Claims". MSDN. 2016. Retrieved May 26, 2016.
^ "Modernize Your Identity Management System | Microsoft Security". Microsoft.

[1] "Introducing ADFS 2.0". Microsoft TechNet. May 2, 2010. Retrieved March 2, 2017.

[Claims-based_authentication-2] "An Introduction to Claims". MSDN. 2016. Retrieved May 26, 2016.

[3] "Modernize Your Identity Management System | Microsoft Security". Microsoft.

[1]

[2]

[3]