Definition: ADFS is a software component created by Microsoft. It provides users Single Sign-on (SSO) facility to connect to different application across organization. That means even if you are accessing the application which is outside of your organization (domain), you will still be able to access it without providing your company credentials.
Intranet Site – No Issues:
When you log-in to your company computer using your credentials, and then if you try to open an Intranet site, you will not be prompted for credentials as it will check your logged-in identity in company AD. This is an easy implementation of SSO when you are accessing Intranet Site.
External Site – Challenge:
Now, challenge is to access any site which is outside your organization as you do not have entry in their AD.
ADFS Flow:
- User browses the URL provided by ADFS and user provides credentials
- ADFS checks authentication of the user in AD service of organization
- After authenticating, ADFS gives back user claim
- User sends claim via browser to target application
- Based on claim the output data will be presented to the user.