
Integrate IDaaS AD FS Adapter

The IDaaS AD FS Adapter uses the pluggable multi-factor authentication (MFA) option of AD FS to integrate Identity as a Service with AD FS. The IDaaS AD FS Adapter includes an installer to install the Identity as a Service plug-in. For instructions to add a legacy version of the Entrust IdentityGuard AD FS Adapter to Identity as a Service, see Integrate Entrust IdentityGuard AD FS Adapter.

This integration supports the following authentication methods for Identity as a Service:

One-time password (OTP)

Token (soft token and hardware token)

Integrate Entrust Identity AD FS Adapter

To complete this procedure, you need to reference the Entrust Identity AD FS Adapter 13.0 Technical Integration Guide.

Note: To ensure that you are using the latest version of the document, it is best to download the document from Entrust Trusted Care.

Add IDaaS AD FS Adapter to Identity as a Service.

Add IDaaS AD FS

Click > Security > Applications. The Applications page appears.

Click Add. The Select an Application Template page appears.

Do one of the following:

Select Identity as a Service Integrations from the search drop-down list and scroll to find the application you want to add to IDaaS.

- or -

In the Search bar, enter a search option to filter for the application you want to add to IDaaS.

Under Identity as a Service Integrations, click IDaaS AD FS. The Add IDaaS AD FS page appears.

In the Application Name field, type a name for your application.

In the Application Description field, type a description for your application.

Optional. Add a custom application logo as follows:

Click next to Application Logo. The Upload Logo dialog box appears.

Click to select an image file to upload.

Browse to select your file and click Open. The Upload Logo dialog box reappears showing your selected image.

If required, resize your image.

Click OK.

Click Next. The General Settings page appears.

For Source of the Client IP Address for Resource Rule Risk Factors and Audits, select Not Provided.

Note: To include location information in the transaction details in the Entrust Identity app, select From the incoming HTTP connection.

Select Do not use IP Address for Resource Rule Risk Factors if you only want to use the IP address for Audits but not for the resource rule risk conditions.

Click Submit. The Application ID is generated.

Copy and paste the Application ID into the AD FS installer.

Click Done.

Be sure to copy the Application ID. You need this ID to complete the installation of the Entrust AD FS Adapter 5.0 for Identity as a Service.

Add a resource rule

Using the Entrust AD FS Adapter documentation, complete the following:

Install the Entrust AD FS Adapter (see the section Installing the Entrust AD FS Adapter).

Restart the AD FS Service (see the section, Restarting the AD FS Service).

Configure AD FS for Entrust authentication (see the section, Configuring Entrust AD FS for authentication).

Configure AD FS for Identity as a Service (see the section, Configuring AD FS for Identity as a Service).
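
A read-only check to run on the AD FS server after the steps above, added here as an example and not taken from the Entrust documentation. It confirms that the AD FS service is running, that the adapter is registered as an authentication provider, and that it is enabled as an additional (MFA) provider in the global policy. The `$NamePattern` value is an assumption, because this page does not state the name the adapter registers under.

```powershell
# Added example: verify the MFA adapter after install, restart and configuration.
# Run in an elevated PowerShell session on the AD FS server.
param(
    # Assumption: wildcard for the adapter's registered name (not given on this page).
    [string]$NamePattern = '*Entrust*'
)

Import-Module ADFS -ErrorAction Stop

# 1. The AD FS service must be running again after the restart step.
$svc = Get-Service -Name adfssrv -ErrorAction Stop
if ($svc.Status -ne 'Running') {
    throw "AD FS service is '$($svc.Status)'; restart it before continuing."
}

# 2. The installer should have registered the adapter as an authentication provider.
$providers = @(Get-AdfsAuthenticationProvider |
    Where-Object { $_.Name -like $NamePattern -or $_.AdminName -like $NamePattern })
if ($providers.Count -eq 0) {
    throw "No authentication provider matching '$NamePattern' is registered."
}

# 3. A registered provider is not used until it is selected as an additional
#    authentication method in the global authentication policy.
$policy  = Get-AdfsGlobalAuthenticationPolicy
$enabled = @($providers |
    Where-Object { $policy.AdditionalAuthenticationProvider -contains $_.Name })

foreach ($p in $providers) {
    [pscustomobject]@{
        Name         = $p.Name
        AdminName    = $p.AdminName
        EnabledAsMfa = ($enabled.Name -contains $p.Name)
    }
}

if ($enabled.Count -eq 0) {
    Write-Warning 'Adapter is registered but not enabled as an additional authentication provider; users will not be prompted for Identity as a Service MFA.'
}
```

In an AD FS farm, run the service check on every node, since each server loads the adapter separately.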