TokenOne ADFS Registration
The TokenOne Active Directory Federation Services (AD FS) Connector enables organisations to provision their employees or customers with a web-based, Single Sign On (SSO) experience when accessing claims-based applications. These applications can be in your organisation or with hosted services that support claims based authentication.
The TokenOne AD FS Connector allows SSO and provides seamless external authentication while managing your risk with strong two-factor authentication.
With the TokenOne AD FS Connector associated to a Domain Controller (Active Directory 2012 Schema or later) an organisation can use TokenOne’s strong two-factor authentication for specific services and specific users. All with minimal integration or modification to existing infrastructure. This is done by establishing a trust relationship between the organisations’ Domain Controller and the TokenOne AD FS instance.
More importantly, compared to other approaches for multi-factor solutions (such as soft tokens), TokenOne is a genuinely, strong two-factor solution where both factors are strong. A user’s PIN is never revealed and the TokenOne solution proves user presence.
The TokenOne solution is not just simple and secure, it is also less expensive to deploy, manage and administer than traditional two-factor solutions.
The diagram below shows the login workflow and how the AD FS MFA Provider interacts with Active Directory to provide a seamless experience for users.