> ADFS 3.0 2FA
ADFS 3.0 2FA
ATTENTION! When you integrate Protectimus 2FA system with ADFS, Users in the Protectimus service or platform must have logins of the form [email protected]
1. Get Registered and Configure Basic Settings
- Register with the Protectimus Cloud Service and activate API or install the Protectimus On-Premise Platform.
- Add Resource.
- Add Users. NOTE! Users in Protectimus system must have logins of the form [email protected].
- Add Tokens or activate Users’ Self Service Portal.
- Assign Tokens to Users.
- Assign Tokens with Users to the Resource.
2. Install the Protectimus ADFS Сomponent
- Download the Protectimus ADFS installer here.
- Run the installer as administrator.
- You will see a welcome screen, click Next to continue.
- On this page, select Protectimus MFA ADFS and click Next.
- On this screen, you will need to enter the API URL, Login, API Key, and Resource ID. These parameters stand for:
- API URL – an address of the API endpoint. If you use SAAS Service API URL is https://api.protectimus.com. In the case of the on-premise Platform, API URL is a server address, where the Platform is running.
- API Login – the login of your account, the same as for signing in.
- API Key – you’ll find it in your profile. To access a profile, click the user’s login in the top right corner of the interface, and choose the “Profile” entry from the drop-down list.
- Resource ID – After creating the resource, you’ll be taken to a page with a list of available resources, where you can see the resource you’ve just created. In addition, the ID of the resource will be displayed in the table.
- Everything is ready for installation, click Install. During the installation, the ADFS service will be restarted.
- When the installation is completed, click Finish.
3. Configure ADFS Multi-Factor Authentication
- Run the ADFS configuration console: Server Manager -> Tools -> AD FS Management
- Navigate to Multi-Factor Authentication settings: Authentication Policies -> Multi-Factor Authentication -> Global settings -> Edit
- Add users/group of users (by clicking ADD), to which the multi-factor authentication will be applied;
- Check the boxes where you want to enable multi-factor authentication;
- And choose Protectimus MFA;
- Click Apply to complete setting Protectimus MFA for ADFS.
4. Check the correctness of the installation and settings
- For verification, go to: https://adfs.yourdomain.com/adfs/ls/idpinitiatedsignon.aspx
- At the second stage of authentication, enter your one-time password.
Last updated on 2022-09-15