How to configure Microsoft AD FS for access to the Aidbox UI
This guide shows how to set up Active Directory Federation Services (AD FS) as an identity provider.
Create an application group for Aidbox in AD FS
To create an application group for Aidbox:
Open the AD FS Management console
Open the Application Groups item in the left sidebar
Press the Add Application Group button in the right sidebar

On the Welcome page of the Wizard
Define the name of the application
Provide the description
Choose the Server application type
Press the Next button

Server application page
Copy the Client Identifier. We will use it later when creating the IdentityProvider resource
Add the redirect_uri and press the Add button. The redirect URI should look like this: https://aidbox.example.com/auth/callback/adfs
Press the Next button

Configure Application credentials
Check the Generate a shared secret checkbox
Copy the generated secret. We will use it later when creating the IdentityProvider resource
Press the Next button

Summary
Review the summary
Press the Next button

Complete
Press the Close button

Create an IdentityProvider in Aidbox
To create an IdentityProvider in Aidbox, use the REST Console:
POST /IdentityProvider
id: adfs
resourceType: IdentityProvider
title: AD FS on Prem # button label on the Aidbox login page
scopes:
  - profile
  - openid
system: adfs
authorize_endpoint: https://<adfs-domain>/adfs/oauth2/authorize/
token_endpoint: https://<adfs-domain>/adfs/oauth2/token/
userinfo_endpoint: https://<adfs-domain>/adfs/userinfo
userinfo-source: id-token # one of: id-token | userinfo-endpoint
client:
  id: <your client id> # client id issued by AD FS
  secret: <your client secret> # shared secret issued by AD FS
active: true
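
A pre-flight check for the resource above, as an added example that is not part of the Aidbox documentation: it flags unreplaced placeholders, non-HTTPS or mismatched AD FS endpoints, a missing openid scope, and a redirect URI that differs from the one registered in AD FS. The function name, the sample values, and the rule that the callback path ends with the resource id (inferred from the example URL on this page) are assumptions.

```python
from urllib.parse import urlsplit

ENDPOINT_KEYS = ("authorize_endpoint", "token_endpoint", "userinfo_endpoint")
USERINFO_SOURCES = {"id-token", "userinfo-endpoint"}


def check_identity_provider(idp, redirect_uri):
    """Return a list of problems in an IdentityProvider resource given as a dict."""
    problems, hosts = [], set()
    for key in ENDPOINT_KEYS:
        value = idp.get(key, "")
        if "<" in value:  # template text such as <adfs-domain> left in place
            problems.append(f"{key}: placeholder not replaced")
            continue
        url = urlsplit(value)
        if url.scheme != "https" or not url.hostname:
            problems.append(f"{key}: must be an absolute https URL")
        else:
            hosts.add(url.hostname.lower())
    if len(hosts) > 1:  # all three endpoints should belong to one AD FS farm
        problems.append("endpoints use different hosts: " + ", ".join(sorted(hosts)))
    if "openid" not in idp.get("scopes", []):
        problems.append("scopes: openid is missing")
    if idp.get("userinfo-source") not in USERINFO_SOURCES:
        problems.append("userinfo-source: must be id-token or userinfo-endpoint")
    for field in ("id", "secret"):
        value = idp.get("client", {}).get(field, "")
        if not value or "<" in value:  # the value itself is never echoed
            problems.append(f"client.{field}: empty or placeholder")
    # Assumption: the callback path ends with the resource id, as in the page's example URL.
    callback = urlsplit(redirect_uri)
    if callback.scheme != "https" or callback.path != f"/auth/callback/{idp.get('id')}":
        problems.append("redirect_uri: expected https://<aidbox-host>/auth/callback/<id>")
    return problems


# Constructed sample values; adfs.example.com and the client credentials are not real.
SAMPLE = {
    "id": "adfs", "resourceType": "IdentityProvider", "system": "adfs",
    "scopes": ["profile", "openid"], "userinfo-source": "id-token",
    "authorize_endpoint": "https://adfs.example.com/adfs/oauth2/authorize/",
    "token_endpoint": "https://adfs.example.com/adfs/oauth2/token/",
    "userinfo_endpoint": "https://adfs.example.com/adfs/userinfo",
    "client": {"id": "constructed-client-id", "secret": "constructed-secret"},
}

if __name__ == "__main__":
    for problem in check_identity_provider(SAMPLE, "https://aidbox.example.com/auth/callback/adfs"):
        print(problem)
```

An empty result means the resource passed every check; each returned string names the field to fix before sending the POST.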
Log in to Aidbox
To log in to Aidbox with AD FS:
Open the Aidbox front page
Press the Login with AD FS on Prem button
Enter your domain credentials on the AD FS login page
The user is then redirected back to Aidbox, and Aidbox logs the user in.