Hi
I may have some terminology incorrect...please let me know if I do. :)
My question is, how many ADFS farms can you have in a single forest/single domain? If you want to know why I am asking...please read on.
We have 1 ADFS Farm and we are looking adding services to it. However not every cloud vendor provides a "Identity Broker" with there services.
We have a consultant that is advising that we need to enable a SAML-based IdP-initiated single sign-on (SSO) ie using "IdpInitiatedSignOnPage"
However to do this we need to modify the ADFS website to have "drop down" list so the user can select the "Relying Party" and then authentication with them.
This means we are exposing a list of every company/party we have federated with. The exposure of this information, is deemed a security concern by our company....which I agree with.
So the consultant advises that we need a separate ADFS farm. I have searched online, but haven't found any information that confirms multiple ADFS farms can be implemented in a single forest/single domain.
Thanks for reading and if you have any other suggestions...I'd appreciate it.
Nyobi
I may have some terminology incorrect...please let me know if I do. :)
My question is, how many ADFS farms can you have in a single forest/single domain? If you want to know why I am asking...please read on.
We have 1 ADFS Farm and we are looking adding services to it. However not every cloud vendor provides a "Identity Broker" with there services.
We have a consultant that is advising that we need to enable a SAML-based IdP-initiated single sign-on (SSO) ie using "IdpInitiatedSignOnPage"
However to do this we need to modify the ADFS website to have "drop down" list so the user can select the "Relying Party" and then authentication with them.
This means we are exposing a list of every company/party we have federated with. The exposure of this information, is deemed a security concern by our company....which I agree with.
So the consultant advises that we need a separate ADFS farm. I have searched online, but haven't found any information that confirms multiple ADFS farms can be implemented in a single forest/single domain.
Thanks for reading and if you have any other suggestions...I'd appreciate it.
Nyobi