Forum Discussion

Ramy Farag's avatar
Ramy Farag
Brass Contributor
Nov 15, 2016

SharePoint Claim Authentication

We are trying to authenticate users to SharePoint 2016 using IDP-Initiated SAML 2.0. The SAML token is generated from PingFederate and sent to ADFS which in turn sends it to SharePoint (Relying Party...
security
sharepoint server
Nick Brattoli's avatar
Nick Brattoli
MVP
Nov 15, 2016

This is a tough one. Why are you feeding into ADFS from PingFederate, rather than straight from AD?

  • Ramy Farag's avatar
    Ramy Farag
    Brass Contributor
    Nov 15, 2016

    Hi Nick,

     

    AD is not the identity provider. We use a different LDAP directory with PingFederate as its Federation Server.

    • Trevor Seward's avatar
      Trevor Seward
      MVP
      Nov 15, 2016
      I have customers who integrate SharePoint with PingFed directly. You should be able to do this... one thing to note is that SharePoint only supports SAML 1.1.
      • Ramy Farag's avatar
        Ramy Farag
        Brass Contributor
        Nov 15, 2016

        Hi Trevor,

         

        That is what we tried initially. But we found out that the WS-Federation protocol is not enabled in PingFederate and there are no plans to enable it. That why we came up with the idea to use ADFS in the middle. 

Resources