
PHP application single sign on with ADFS

I am planning to integrate my PHP application with ADFS for single sign-on.

So here is the flow:

  1. The user will open the domain of my app; if he is not already signed in, I will redirect him to the SSO URL provided in the metadata.xml file shared with me by the AD team.

  2. Once he is redirected to the AD login and fills in the login page, the request would come to my application.

1st Question:

(How is this going to happen?) Do I need to provide the URL to the AD?

2nd Question:

What is the request type and structure going to be?

3rd Question:

How is the application going to validate whether the user is authenticated or not?

You should be getting the integration document from the AD team. From this help desk, the workflow will be as follows:

  1. The user navigates to a URL provided by the ADFS service.
  2. The ADFS service then authenticates the user via the organization's AD service.
  3. Upon authenticating, the ADFS service then provides the user with an authentication claim.
  4. The user's browser then forwards this claim to the target application, which either grants or denies access based on the Federated Trust service created.

As per the 4th point, the user will be returned with the claim (must be some tokens) to the federation; using that, you should validate the user again from ADFS.

Note: read the documents that you got from ADFS.
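An added example, not part of the original question or answer, of the receiving side of step 4, assuming ADFS is set up as a SAML 2.0 identity provider with the HTTP-POST binding: the browser POSTs a base64 `SAMLResponse` form field to the application, which checks it before creating a session. The entity ID, endpoint URL, request ID and sample message are constructed, and the XML signature check against the signing certificate in metadata.xml is assumed to be done first by a SAML library.

```php
<?php
// Added example; every URL, ID and the sample message are constructed. Assumes a SAML library has
// ALREADY verified the XML signature with the IdP certificate from metadata.xml.
const SP_ENTITY_ID = 'https://app.example.com/saml/metadata'; // assumed SP identifier
const SP_ACS_URL   = 'https://app.example.com/saml/acs';      // assumed endpoint given to the AD team

function checkSamlResponse(string $b64, string $requestId, int $now): array
{
    $xml = base64_decode($b64, true);
    $doc = new DOMDocument();
    if (!$xml || !@$doc->loadXML($xml, LIBXML_NONET) || $doc->doctype !== null) {
        return [false, 'malformed message'];
    }
    $xp = new DOMXPath($doc);
    $xp->registerNamespace('p', 'urn:oasis:names:tc:SAML:2.0:protocol');
    $xp->registerNamespace('a', 'urn:oasis:names:tc:SAML:2.0:assertion');
    $s = fn(string $q): string => trim($xp->evaluate("string($q)"));
    $a = '/p:Response/a:Assertion';
    if ($s('/p:Response/p:Status/p:StatusCode/@Value') !== 'urn:oasis:names:tc:SAML:2.0:status:Success') {
        return [false, 'IdP reported failure'];
    }
    if ((int) $xp->evaluate("count($a)") !== 1) return [false, 'expected exactly one assertion'];
    if ($s('/p:Response/@Destination') !== SP_ACS_URL) return [false, 'wrong destination'];
    if ($s('/p:Response/@InResponseTo') !== $requestId) return [false, 'unsolicited or replayed response'];
    if ($s("$a/a:Conditions/a:AudienceRestriction/a:Audience") !== SP_ENTITY_ID) {
        return [false, 'assertion issued for another application'];
    }
    $from  = strtotime($s("$a/a:Conditions/@NotBefore"));
    $until = strtotime($s("$a/a:Conditions/@NotOnOrAfter"));
    if ($from === false || $until === false || $now < $from || $now >= $until) {
        return [false, 'outside validity window'];
    }
    $nameId = $s("$a/a:Subject/a:NameID");
    return $nameId === '' ? [false, 'no NameID'] : [true, $nameId];
}
// Constructed, trimmed sample of what arrives in $_POST['SAMLResponse'].
$sample = base64_encode(<<<XML
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="https://app.example.com/saml/acs" InResponseTo="_req123">
  <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
  <saml:Assertion><saml:Subject><saml:NameID>alice@example.com</saml:NameID></saml:Subject>
    <saml:Conditions NotBefore="2024-01-01T10:00:00Z" NotOnOrAfter="2024-01-01T10:05:00Z">
      <saml:AudienceRestriction><saml:Audience>https://app.example.com/saml/metadata</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions></saml:Assertion>
</samlp:Response>
XML);
$now = strtotime('2024-01-01T10:01:00Z');               // fixed clock so the sample is reproducible
var_dump(checkSamlResponse($sample, '_req123', $now));  // request ID the app stored before redirecting
var_dump(checkSamlResponse($sample, '_other', $now));   // same message, but no matching login request
```

In production `$requestId` is the ID of the AuthnRequest the application stored in the user's session before redirecting, and `$now` is `time()`.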
