Cloud Portal SAML Federation with ADFS Identity Provider
Business Problem
Your organization requires a seamless and secure access management solution for users accessing the Cloud Portal. The goal is to enable users to utilize their corporate user account credentials for authentication into the Cloud Portal while facilitating account management and setup processes. To achieve this, integration with Microsoft’s ADFS Identity Provider is sought to implement Single Sign-On (SSO) and manage corporate user accounts using the SAML federation protocol.
Requirements
- Access to an Infor CloudSuite
- User privileges for Infor Federated Service (IFS) User Management with the following roles:
- Optional Infor U courses:
- Infor OS: Identity and Access Management Fundamentals Workshop
Tutorial
Difficulty: Medium
Estimated completion time: 30 Minutes
Infor Cloud (specifically inforSTS or Infor Security Token Service) offers the possibility of federation with the Microsoft ADFS Identity Provider. This integration allows access to corporate user accounts and facilitates Single Sign-On (SSO) functionality for accessing the Infor Cloud Portal and associated enterprise applications. Infor’s support for the SAML 2.0 protocol aligns seamlessly with ADFS Identity Provider federations. ADFS does not have the capability of supporting the SCIM (System for Cross-domain Identity Management) interface for user provisioning.
IFS Federated Security and the Federation Hub handles the Cloud’s Federation between Cloud Portal and the ADFS Identity Provider.
Business Objective
- Enhanced Security: Strengthening authentication mechanisms through SAML Federation with ADFS Identity Provider bolsters security measures, mitigating risks associated with unauthorized access, data breaches, and cyber threats. By centralizing authentication processes and leveraging ADFS’s robust security features, the organization can safeguard sensitive data and protect against potential vulnerabilities
- Improved User Experience: Simplifying authentication processes and providing a seamless login experience contributes to enhanced user satisfaction. By eliminating the need for multiple sets of credentials and reducing authentication barriers, users can navigate the Cloud Portal and associated applications more efficiently, leading to increased user adoption and engagement.
- Streamlined Access Management: The integration facilitates Single Sign-On (SSO) capabilities, enabling users to access the Cloud Portal and enterprise applications seamlessly using their corporate credentials. This streamlines access management processes, reduces password fatigue, and enhances user experience, ultimately boosting productivity and operational efficiency.
Interested in setting up Single Sign-On (SSO) using SAML with ADFS within Infor Federation Services and seeking guidance on the process:
In this video, we’ll walk you through the process of setting up SAML (Security Assertion Markup Language) federation between the Infor Cloud Application and the ADFS Identity provider. Once the configuration is complete, users will have the capability to log in to the Infor Cloud Application and other federated applications using ADFS authentication.
You are now equipped to configure authentication and establish federation between the Cloud Portal and the Microsoft ADFS Identity provider (IdP).
Resources
Help documents on configuring the ADFS SAML Federation with Infor CloudSuite.
- Prerequisites and basic parameters
- Adding ADFS configuration to Infor CloudSuite
- Adding Infor CloudSuite to ADFS
- Infor OS user provisioning to Infor CloudSuite
- Enabling ADFS as IDP in Infor CloudSuite
- Testing
Additional Federated Security Configurations:
For additional Identity provider federations and User Provisioning setups, feel free to explore the Security and User Management with Infor Federation Services playlist.