{"id":56812,"date":"2021-11-23T13:00:00","date_gmt":"2021-11-23T18:00:00","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=56812"},"modified":"2024-12-20T11:45:30","modified_gmt":"2024-12-20T16:45:30","slug":"what-is-adfs","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/what-is-adfs","title":{"rendered":"What Is Active Directory Federation Services?"},"content":{"rendered":"\n<p>Active Directory Federation Services (AD FS) is an on-premises authentication technology for Windows Server operating systems. It extends single sign-on (SSO) capabilities to applications that are not compatible with <a href=\"https:\/\/jumpcloud.com\/blog\/active-directory-faq\">Windows Active Directory (AD)<\/a> and Integrated Windows Authentication (IWA).<\/p>\n\n\n\n<p>Microsoft released AD FS as a response to increasing demand for SSO capabilities for third-party software-as-a-service (SaaS) technologies in the 2000s. The need to create a \u201ctrust relationship\u201d between different web-facing applications and cloud environments has only grown since then.<\/p>\n\n\n\n<p>AD FS allows organizations to create a network of trust between one another across the internet. It complements Active Directory by extending on-premises user identities to cloud-hosted applications and workloads.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading1\">What Are the Different Parts of AD FS?<\/h2>\n\n\n\n<p>AD FS is made of four primary components:<\/p>\n\n\n\n<ul>\n<li><strong>Active Directory. <\/strong>This is where AD FS\u2019s identity information gets stored. AD FS extends AD\u2019s information beyond the enterprise\u2019s network. This allows users to access Windows-based and third-party applications while outside of corporate networks.<\/li>\n\n\n\n<li><strong>Federation server. <\/strong>This component issues security tokens that manage federated trusts between business partners. The federation server processes authentication requests from external users and issues out security tokens for claims based on credentials stored in AD.&nbsp;<\/li>\n\n\n\n<li><strong>Federation server proxy. <\/strong>This is deployed on the organization\u2019s extranet and links external users and the federation server. This way, the federation server does not get exposed directly to the internet, which mitigates security risks.&nbsp;<\/li>\n\n\n\n<li><strong>AD FS web server. <\/strong>This component hosts the AD FS Web Agent, a service that either allows or denies a user access to web applications based on authentication cookies and security tokens sent to it.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading2\">How Does AD FS Work?<\/h2>\n\n\n\n<p>AD FS uses claim-based authentication, which verifies users by drawing from a set of \u201cclaims\u201d about their identity from a trusted token. This gives users a single SSO prompt that allows them to access multiple applications and systems on different networks.<\/p>\n\n\n\n<p>In practice, it functions in broadly the same way as any web application-based SSO service using the <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-saml\">Secure Assertion Markup Language (SAML) protocol<\/a>. AD FS can also use cookies and other token standards such as <a href=\"https:\/\/dzone.com\/articles\/what-is-jwt-token\" target=\"_blank\" rel=\"noreferrer noopener\">JSON web tokens (JWT)<\/a> to authenticate users, but it\u2019s leveraged in on-premises setups instead of the cloud.<\/p>\n\n\n\n<p>When organizations adopt AD FS, they establish a system of <a href=\"https:\/\/jumpcloud.com\/blog\/identity-federation-services\">identity federation<\/a> that confirms trust between two security environments. A federation server in one organization authenticates users through standard <a href=\"https:\/\/jumpcloud.com\/blog\/ad-ds\">Active Directory Domain Services (AD DS)<\/a> and then issues a token that the other organization can recognize and confirm.<\/p>\n\n\n\n<p>Upon recognizing and confirming the security token, the other organization issues its own token that allows local servers to accept the claimed identity. It can now provide controlled access to internet-connected resources without requiring users to authenticate directly to each application individually.<\/p>\n\n\n\n<p>The diagram below summarizes the workflow for AD FS-based systems:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"381\" src=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/11\/AD-FS.png\" alt=\"AD FS\" class=\"wp-image-111963\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/11\/AD-FS.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/11\/AD-FS-300x223.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading3\">Why Do Organizations Use AD FS?<\/h2>\n\n\n\n<p>Prior to 2003, organizations largely used AD and IWA to manage end-user access to corporate resources. As remote access and cloud-based services became more popular, it was apparent that AD and IWA could not cope with modern authentications. This was because users in such environments often want to access applications that are not company owned such as SaaS and web applications.<\/p>\n\n\n\n<p>To do this, users would have to repeatedly sign into these applications manually. This added a significant amount of time-consuming complexity to enterprise workflows that required managing multiple third-party applications. Users would have to create accounts for each one and input their login credentials every time they wanted to use them.<\/p>\n\n\n\n<p>AD FS resolved and simplified third-party authentication challenges, allowing organizations to better manage access to resources in an evolving workplace. With AD FS, users got authenticated to all the approved third-party systems and applications once they logged in with their Windows credentials.&nbsp;<\/p>\n\n\n\n<p>Because of the SSO feature, users didn\u2019t have to remember unfamiliar and disparate account credentials when accessing SaaS and web applications. Besides users, AD FS also provides benefits to IT administrators and developers alike. For example, IT administrators could largely maintain their existing AD setup, especially if other aspects of their environment were still largely on-premises, Windows-based infrastructure.&nbsp;<\/p>\n\n\n\n<p>AD FS granted system administrators complete visibility over the digital identities of users. It also provided developers with a simplified solution for authenticating users through their identities in the organization\u2019s directory, allowing them to spend more time focused on high-impact production tasks.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading4\">What Are the Limitations and Disadvantages of AD FS?<\/h2>\n\n\n\n<p>Although AD FS was popular when most IT environments relied on Microsoft Active Directory, it now presents several problems and limitations that can\u2019t be ignored.<\/p>\n\n\n\n<p>Today\u2019s organizations have far more complex cloud deployments than what was possible in the early 2000s. In a modern enterprise context, AD FS solves some federation identity challenges but introduces several others.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. High implementation and maintenance costs<\/h3>\n\n\n\n<p>Technically AD FS is free because it\u2019s included in the Windows Server operating system. That means that organizations using Windows can deploy AD FS without having to buy a separate federation solution to support SSO capabilities.<\/p>\n\n\n\n<p>However, the story is different in practice. Configuring your IT environment to support on-premises SSO servers for high availability use outside the network perimeter involves additional costs. These costs are often not immediately apparent, leading to surprise sticker shock when IT leaders find out how much AD FS actually cost them.<\/p>\n\n\n\n<p>For example, the initial configuration and setup process must also include hardware server costs. AD FS will also generate ongoing maintenance costs that include infrastructure maintenance, secure sockets layer (SSL) certificates, and federation management.<\/p>\n\n\n\n<p>These costs can be difficult to quantify. In many cases, they are expressed in reduced productivity and IT efficiency. The increase in demand for IT employee hours can drive human resource costs up as the organization seeks to hire new talent to cover its productivity deficits.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. Complex hardware requirements<\/h3>\n\n\n\n<p>AD FS is not a cloud-native solution. It relies on multiple hardware components and applications. The on-premises element of your AD FS implementation will require extensive configuration and ongoing maintenance.<\/p>\n\n\n\n<p>The three hardware components that make up AD FS include:<\/p>\n\n\n\n<ul>\n<li><strong>The AD FS server<\/strong>, which establishes directory federation and enables single sign-on.<\/li>\n\n\n\n<li><strong>The federation service proxy<\/strong>, which is installed between the AD FS server farm and the external resources it connects to.<\/li>\n\n\n\n<li><strong>The AD FS configuration database<\/strong>, which defines the parameters that the federation service uses to identify partners, certificates, claims, and other data.<\/li>\n<\/ul>\n\n\n\n<p>These components require deep technical expertise to deploy, configure, and maintain. Since AD FS is an on-premises solution, your in-house IT team will have to take on that burden.<\/p>\n\n\n\n<p>At the same time, AD FS doesn\u2019t include a user-friendly portal for managing identities and authentication policies. That means that adding an application or system to the service is often complex and time-consuming.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3. Inadequate security against modern threats<\/h3>\n\n\n\n<p>As the linchpin between the organization\u2019s network and its various cloud-based services such as Office 365, AD FS makes an attractive target for threat actors. Compromising this system could grant access to any of your cloud-based data and assets.<\/p>\n\n\n\n<p>While AD FS itself does not suffer from severe security flaws, the complexity of securing AD FS can make it a key vulnerability. Since it is an on-premises solution, your in-house IT team is responsible for keeping it secure against new and emerging threats \u2014 which is often easier said than done.<\/p>\n\n\n\n<p>Attackers may try to forge SAML tokens and use them to compromise cloud-based assets. They may insert themselves between servers and nodes, or intercept SSL certificate requests using man-in-the-middle (MiTM) attack strategies.<\/p>\n\n\n\n<p>These are not insurmountable security challenges. However, overcoming them is a time-consuming task that relies on specialist expertise. It\u2019s easy for IT leaders to overlook these security considerations and leave cloud-based assets exposed to attack.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4. No native access to on-premises files and print servers<\/h3>\n\n\n\n<p>Windows Server file sharing and Active Directory provide complementary services for users in on-premises IT environments. However, in cloud-based environments with remote employees, these components may no longer work together as intended.<\/p>\n\n\n\n<p>In order to grant remote users access to on-premises files and print servers, those assets must be converted to shared folders on the cloud. Those cloud-based folders must be governed by the same security policies that Active Directory implements in the on-premises environment.<\/p>\n\n\n\n<p>Without AD FS-enabled file and print sharing mechanisms in place, users may resort to sharing files through consumer file sharing platforms like Dropbox or Google Drive. This creates a shadow IT scenario where your security team has no visibility into the data being shared on non-approved applications and platforms.<\/p>\n\n\n\n<p>This can lead to threat actors leveraging unknown vulnerabilities against your organization. It can also expose your organization to <a href=\"https:\/\/jumpcloud.com\/solutions\/compliance\" target=\"_blank\" rel=\"noreferrer noopener\">compliance violations<\/a> if data is not being securely stored in accordance with regulations.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">5. Incompatibility with many Linux and macOS applications<\/h3>\n\n\n\n<p>AD FS was originally conceived for Windows-centric environments with a relatively small number of third-party web applications and services. Modern organizations do still rely on MIcrosoft Windows, but it is increasingly just one part of a larger, more complex whole.<\/p>\n\n\n\n<p>Many SaaS applications now run on Linux and macOS platforms. AD FS is not well-equipped to natively deploy and control access to these resources. This adds significant complexity to the IT environment, and makes it difficult for IT leaders to ensure single sign-on is enabled across disparate applications and assets.<\/p>\n\n\n\n<p>This is one of the main reasons why many modern organizations are transitioning to cloud-based AD FS alternatives that provide complete <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-iam\">identity and access management<\/a> (IAM) with single sign-on capabilities to virtually all IT resources. This is the kind of platform that today\u2019s IT leaders truly need.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading5\">Is There a Better Alternative to AD FS?<\/h2>\n\n\n\n<p>IT leaders need a flexible IAM and single sign-on solution that allows for complete identity control while connecting users to all of the IT resources they need. The <a href=\"https:\/\/jumpcloud.com\/platform\/cloud-directory\">JumpCloud Directory Platform<\/a> houses all of the capabilities you need to manage users regardless of location, protocol, platform, or provider.<\/p>\n\n\n\n<p>Find out how simple <a href=\"https:\/\/jumpcloud.com\/blog\/how-to-migrate-from-ad-fs-to-jumpcloud\">migration from AD FS to JumpCloud<\/a> can be and start deploying secure, cloud-native single sign-on to all of your applications and assets. You have the flexibility to use JumpCloud in whatever way you prefer, whether as an extension for Active Directory or a full-scale modern <a href=\"https:\/\/jumpcloud.com\/solutions\/replace-ad\" target=\"_blank\" rel=\"noreferrer noopener\">replacement for AD<\/a>.<\/p>\n\n\n\n<p>Leverage JumpCloud\u2019s <a href=\"https:\/\/jumpcloud.com\/solutions\/access-management\" target=\"_blank\" rel=\"noreferrer noopener\">complete cloud IAM platform<\/a> with SSO, MFA, and conditional access capabilities that enable users to securely and efficiently connect to every IT asset in your network. Establish a single IAM solution for connecting with Mac, Windows, Linux devices, Wi-Fi networks, VPNs, cloud and legacy apps, physical and virtual file servers, and more.<\/p>\n\n\n\n<p><strong>Check out our <\/strong><a href=\"https:\/\/university.jumpcloud.com\/pages\/guided-sims\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>guided simulations<\/strong><\/a><strong> to get a feel for what JumpCloud is capable of, or <\/strong><a href=\"https:\/\/jumpcloud.com\/guided-simulations\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>schedule a demo<\/strong><\/a><strong> for a walk-through tailored specifically to your IT needs.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AD FS is used to authenticate users to applications incompatible with Active Directory (AD), but it&#8217;s not the only solution.<\/p>\n","protected":false},"author":131,"featured_media":43777,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[2781,2337],"tags":[],"collection":[2777,2780],"platform":[],"funnel_stage":[3016],"coauthors":[2568],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What Is Active Directory Federation Services (AD FS)? - JumpCloud<\/title>\n<meta name=\"description\" content=\"AD FS is used to authenticate users to applications incompatible with Active Directory (AD), but it&#039;s not the only solution.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/what-is-adfs\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Is Active Directory Federation Services?\" \/>\n<meta property=\"og:description\" content=\"AD FS is used to authenticate users to applications incompatible with Active Directory (AD), but it&#039;s not the only solution.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/what-is-adfs\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-23T18:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-20T16:45:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"861\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kelsey Kinzer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kelsey Kinzer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs\"},\"author\":{\"name\":\"Kelsey Kinzer\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/c4e9aeadd98cafbd216d3134ad10ab13\"},\"headline\":\"What Is Active Directory Federation Services?\",\"datePublished\":\"2021-11-23T18:00:00+00:00\",\"dateModified\":\"2024-12-20T16:45:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs\"},\"wordCount\":1805,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg\",\"articleSection\":[\"How-To\",\"Remote Work\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs\",\"url\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs\",\"name\":\"What Is Active Directory Federation Services (AD FS)? - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg\",\"datePublished\":\"2021-11-23T18:00:00+00:00\",\"dateModified\":\"2024-12-20T16:45:30+00:00\",\"description\":\"AD FS is used to authenticate users to applications incompatible with Active Directory (AD), but it's not the only solution.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/what-is-adfs\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg\",\"width\":1280,\"height\":861,\"caption\":\"FreeNAS Cloud Identity\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/what-is-adfs#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What Is Active Directory Federation Services?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/c4e9aeadd98cafbd216d3134ad10ab13\",\"name\":\"Kelsey Kinzer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/08f33caaabd3e83507748fcc2d575a67\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9a16ebe214c820d6c288597039b7e89f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9a16ebe214c820d6c288597039b7e89f?s=96&d=mm&r=g\",\"caption\":\"Kelsey Kinzer\"},\"description\":\"Kelsey is a passionate storyteller and Content Writer at JumpCloud. She is particularly inspired by the people who drive innovation in B2B tech. When away from her screen, you can find her climbing mountains and (unsuccessfully) trying to quit cold brew coffee.\",\"sameAs\":[\"https:\/\/jumpcloud.com\/blog\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What Is Active Directory Federation Services (AD FS)? - JumpCloud","description":"AD FS is used to authenticate users to applications incompatible with Active Directory (AD), but it's not the only solution.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/what-is-adfs","og_locale":"en_US","og_type":"article","og_title":"What Is Active Directory Federation Services?","og_description":"AD FS is used to authenticate users to applications incompatible with Active Directory (AD), but it's not the only solution.","og_url":"https:\/\/jumpcloud.com\/blog\/what-is-adfs","og_site_name":"JumpCloud","article_published_time":"2021-11-23T18:00:00+00:00","article_modified_time":"2024-12-20T16:45:30+00:00","og_image":[{"width":1280,"height":861,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg","type":"image\/jpeg"}],"author":"Kelsey Kinzer","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kelsey Kinzer","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs"},"author":{"name":"Kelsey Kinzer","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/c4e9aeadd98cafbd216d3134ad10ab13"},"headline":"What Is Active Directory Federation Services?","datePublished":"2021-11-23T18:00:00+00:00","dateModified":"2024-12-20T16:45:30+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs"},"wordCount":1805,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg","articleSection":["How-To","Remote Work"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs","url":"https:\/\/jumpcloud.com\/blog\/what-is-adfs","name":"What Is Active Directory Federation Services (AD FS)? - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg","datePublished":"2021-11-23T18:00:00+00:00","dateModified":"2024-12-20T16:45:30+00:00","description":"AD FS is used to authenticate users to applications incompatible with Active Directory (AD), but it's not the only solution.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/what-is-adfs"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/connect-freenas-cloud-identity-management.jpg","width":1280,"height":861,"caption":"FreeNAS Cloud Identity"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/what-is-adfs#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"What Is Active Directory Federation Services?"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/c4e9aeadd98cafbd216d3134ad10ab13","name":"Kelsey Kinzer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/08f33caaabd3e83507748fcc2d575a67","url":"https:\/\/secure.gravatar.com\/avatar\/9a16ebe214c820d6c288597039b7e89f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9a16ebe214c820d6c288597039b7e89f?s=96&d=mm&r=g","caption":"Kelsey Kinzer"},"description":"Kelsey is a passionate storyteller and Content Writer at JumpCloud. She is particularly inspired by the people who drive innovation in B2B tech. When away from her screen, you can find her climbing mountains and (unsuccessfully) trying to quit cold brew coffee.","sameAs":["https:\/\/jumpcloud.com\/blog"]}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/56812"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/131"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=56812"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/56812\/revisions"}],"predecessor-version":[{"id":119162,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/56812\/revisions\/119162"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/43777"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=56812"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=56812"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=56812"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=56812"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=56812"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=56812"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=56812"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}