Using the Active Directory Federation Services (AD FS) Credentials Provider

You can configure the connector to authenticate the connection using credentials obtained from the AD FS credentials provider. To do this, you must specify information about the AD FS service, such as the host and port of the server where the service is hosted.

To configure authentication using AD FS:

  1. Set the AuthenticationType property to ADFS.
  2. To specify your credentials for accessing the AD FS server, do the following:
    1. Set the UID property to the user name that you use to access the AD FS server. You can include the domain name using the format [DomainName]\[UserName].
    2. Set the PWD property to the password corresponding to the user name that you provided in the previous step.
  3. To specify AD FS service information, do the following:
    1. Set the IdP_Host property to the host name of the AD FS service.

      Important:

      The host name cannot include any slashes (/).

    2. Optionally, set the IdP_Port property to the number of the port that the AD FS service host uses to listen for requests.

      Note:

      The exact port number that you need to specify may differ depending on the AD FS server configuration. If you are not sure which port to specify, contact your system administrator.

  4. Optionally, set the Preferred_Role property to the Amazon Resource Name (ARN) of the role that you want to assume when authenticated through AD FS.
  5. Optionally, set the Duration property to the duration, in seconds, of the role session.
  6. If the AD FS service must be accessed through an HTTP proxy, set the UseProxyForIdP property to 1. For information about configuring the proxy connection, see Configuring Proxy Connections.
  7. Optionally, if you do not want the connector to verify the AD FS server certificate, set the SSL_Insecure property to false.
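
The steps above, assembled into one ODBC connection string, as an added example that is not part of the original documentation: it rejects an IdP_Host that contains a slash, brace-quotes values so that a password containing ";" cannot introduce extra properties, and masks PWD before the string is logged. The DSN name, host, account ID and role are constructed placeholders; the role ARN pattern and the use of standard ODBC brace quoting are assumptions of this example, and SSL_Insecure is left unset.

```python
import re

# Generic IAM role ARN shape; an assumption of this example, not a rule from the page.
ROLE_ARN_RE = re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:role/[\w+=,.@/-]+$")

def odbc_quote(value):
    """Brace-quote a value so ';' or '=' inside it cannot start a new attribute."""
    text = str(value)
    if re.search(r"[;={}\s]", text):
        return "{" + text.replace("}", "}}") + "}"
    return text

def build_adfs_connection_string(dsn, uid, pwd, idp_host, idp_port=None,
                                 preferred_role=None, duration=None,
                                 use_proxy_for_idp=False):
    """Validate the AD FS properties from the steps above and join them."""
    if "/" in idp_host:  # host name only: no scheme, no path
        raise ValueError("IdP_Host cannot include slashes: %r" % idp_host)
    props = [("DSN", dsn), ("AuthenticationType", "ADFS"),
             ("UID", uid), ("PWD", pwd), ("IdP_Host", idp_host)]
    if idp_port is not None:
        if not 1 <= int(idp_port) <= 65535:
            raise ValueError("IdP_Port out of range: %r" % idp_port)
        props.append(("IdP_Port", int(idp_port)))
    if preferred_role is not None:
        if not ROLE_ARN_RE.match(preferred_role):
            raise ValueError("Preferred_Role is not a role ARN: %r" % preferred_role)
        props.append(("Preferred_Role", preferred_role))
    if duration is not None:
        if int(duration) <= 0:
            raise ValueError("Duration must be a positive number of seconds")
        props.append(("Duration", int(duration)))
    if use_proxy_for_idp:
        props.append(("UseProxyForIdP", 1))
    # SSL_Insecure is not emitted: the optional last step is not taken here.
    return ";".join("%s=%s" % (k, odbc_quote(v)) for k, v in props)

def redact(conn_str):
    """Mask the PWD value (brace-quoted or bare) before logging the string."""
    return re.sub(r"(?i)(PWD=)(\{(?:[^}]|\}\})*\}|[^;]*)", r"\1***", conn_str)

# Constructed sample values; DSN name, host, account and role are placeholders.
# In real use the password would come from a secret store, not a literal.
SAMPLE = build_adfs_connection_string(
    dsn="ExampleDsn", uid="EXAMPLE\\jdoe", pwd="p;w=d}1",
    idp_host="adfs.example.com", idp_port=443,
    preferred_role="arn:aws:iam::123456789012:role/ExampleRole", duration=900)
```

Log `redact(SAMPLE)` rather than `SAMPLE` wherever the connection string is written to diagnostics.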