
Strong 2FA for AD & ADFS
The TokenOne Active Directory Federation Services (AD FS) Connector enables organisations to provision their employees or customers with a web-based, Single Sign On (SSO) experience when accessing claims-based applications. These applications can be in your organisation or with hosted services that support claims based authentication.
The TokenOne AD FS Connector allows SSO and provides seamless external authentication while managing your risk with strong two-factor authentication.
With the TokenOne AD FS Connector associated to a Domain Controller (Active Directory 2012 Schema or later) an organisation can use TokenOne’s strong two-factor authentication for specific services and specific users. All with minimal integration or modification to existing infrastructure. This is done by establishing a trust relationship between the organisations’ Domain Controller and the TokenOne AD FS instance.
More importantly, compared to other approaches for multi-factor solutions (such as soft tokens), TokenOne is a genuinely, strong two-factor solution where both factors are strong. A user’s PIN is never revealed and the TokenOne solution proves user presence.
TokenOne:
-
Is simple and easy to deploy en masse
-
Allows users to continuously and securely manage their own digital identity
-
Proving users are present at the transaction (not just the presence of their token or device).
The TokenOne solution is not just simple and secure, it is also less expensive to deploy, manage and administer than traditional two-factor solutions.
Supported Site & Services

Login Workflow
The diagram below shows the login workflow and how the AD FS MFA Provider interacts with Active Directory to provide a seamless experience for users.

The Solution
-
TokenOne delivers a strong two-factor authentication solution that enables increased security at scale for Office 365
-
TokenOne enables organisations to deploy a cost effective authentication solution that meets both, security AND compliance requirements
-
TokenOne solution scales easily across cloud based infrastructure while allowing a single user experience regardless of the backend infrastructure
The Benefits
-
Simple to register, manage and use
-
Easily and cost effectively deployed solution
-
Strong two-factor authentication for specific services or across the whole environment
-
Non-repudiated access to key Microsoft services and sites
-
High value application data (compliance)
-
Single branded solution for users regardless of distribution of backend infrastructure