[MS-ADFSOD]: Active Directory Federation Services (AD FS) Protocols Overview
This document provides an overview of the Active Directory Federation Services (AD FS) Protocols Overview Protocol Family. It is intended for use in conjunction with the Microsoft Protocol Technical Documents, publicly available standard specifications, network programming art, and Microsoft Windows distributed systems concepts. It assumes that the reader is either familiar with the aforementioned material or has immediate access to it.
A Protocol System Document does not require the use of Microsoft programming tools or programming environments in order to implement the Protocols in the System. Developers who have access to Microsoft programming tools and environments are free to take advantage of them.
Intellectual Property Rights Notice for Open Specifications Documentation
Technical Documentation. Microsoft publishes Open Specifications documentation for protocols, file formats, languages, standards as well as overviews of the interaction among each of these technologies.
No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation.
Patents. Microsoft has patents that may cover your implementations of the technologies described in the Open Specifications. Neither this notice nor Microsoft's delivery of the documentation grants any licenses under those or any other Microsoft patents. However, a given Open Specification may be covered by Microsoft Open Specification Promise or the Community Promise. If you would prefer a written license, or if the technologies described in the Open Specifications are not covered by the Open Specifications Promise or Community Promise, as applicable, patent licenses are available by contacting firstname.lastname@example.org.
Trademarks. The names of companies and products contained in this documentation may be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights. For a list of Microsoft trademarks, visit www.microsoft.com/trademarks.
Fictitious Names. The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted in this documentation are fictitious. No association with any real company, organization, product, domain name, email address, logo, person, place, or event is intended or should be inferred.
Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than specifically described above, whether by implication, estoppel, or otherwise.
Tools. The Open Specifications do not require the use of Microsoft programming tools or programming environments in order for you to develop an implementation. If you have access to Microsoft programming tools and environments you are free to take advantage of them. Certain Open Specifications are intended for use in conjunction with publicly available standard specifications and network programming art, and assumes that the reader either is familiar with the aforementioned material or has immediate access to it.
This document provides an overview of the functionality and relationship of the Active Directory Federation Services (AD FS) protocols. AD FS provides a means for distributed identification, authentication, and authorization across organizational and platform boundaries. It extends the ability to use single sign-on (SSO) functionality that is normally available only within a single security or enterprise boundary to Internet-facing applications, which gives customers, partners, and suppliers a streamlined user experience while accessing the web-based applications of an organization. The AD FS protocols that are described in this document provide for tasks such as sharing of authorization codes among groups of AD FS servers, obtaining security tokens for users from security token services, and integrating AD FS with pre-authentication proxies. These protocols include [MS-ADFSOAL], [MS-ADFSPIP], [MS-ADFSPP], [MS-ADFSWAP], [MS-MWBE], [MS-MWBF], [MS-OAPX], and [MS-SAMLPR], along with various industry standards.
This document describes the intended functionality of the AD FS protocols and how the protocols interact with each other. It provides examples of some common use cases. It does not restate the processing rules and other details that are specific for each protocol. Those details are described in the specifications for the protocols and data structures that belong to this group.