Adfs

Microsoft does not recommend deploying new instances of AD FS. Instead they encourage you to consider Entra ID. Information on using Entra ID with SAFIRE.

Note: While it is possible to use ADFS with SAFIRE, it has known interoperatability problems with the sort of multi-party federation used in the R&E world. SAFIRE’s architecture shields you from some of these effects, but you do sacrifice some flexibility and control.

In order to configure Active Directory Federation Services (ADFS) as an identity provider for SAFIRE, you need to do four things: